Add file_ns_capable() helper function for open-time capability checking
authorLinus Torvalds <torvalds@linux-foundation.org>
Sun, 14 Apr 2013 17:06:31 +0000 (10:06 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Sun, 14 Apr 2013 17:06:31 +0000 (10:06 -0700)
commit935d8aabd4331f47a89c3e1daa5779d23cf244ee
tree8fff6fba14f11a55cea7a9fd3adc2e8d418b4ee1
parent5b55d708335a9e3e4f61f2dadf7511502205ccd1
Add file_ns_capable() helper function for open-time capability checking

Nothing is using it yet, but this will allow us to delay the open-time
checks to use time, without breaking the normal UNIX permission
semantics where permissions are determined by the opener (and the file
descriptor can then be passed to a different process, or the process can
drop capabilities).

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
include/linux/capability.h
kernel/capability.c