Function report |
Source Code:security\commoncap.c |
Create Date:2022-07-28 18:36:43 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| home page | Tree |
| Annotation kernel can get tool activity | Download SCCT | Chinese |
Name:1) Audit candidate if current->cap_effective is set* We do not bother to audit if 3 things are true:* 1) cap_effective has all caps* 2) we became root *OR* are were already root* 3) root is supposed to have all caps (SECURE_NOROOT)
Proto:static inline bool nonroot_raised_pE(struct cred *new, const struct cred *old, kuid_t root, bool has_fcap)
Type:bool
Parameter:
| Type | Parameter | Name |
|---|---|---|
| struct cred * | new | |
| const struct cred * | old | |
| kuid_t | root | |
| bool | has_fcap |
| 780 | bool ret = false |
| 782 | If __cap_grew(effective, ambient, new) && Not ( __cap_full(effective, new) && (__is_eff(root, new) || __is_real(root, new)) && root_privileged()) || root_privileged() && __is_suid(root, new) && Not __cap_full(effective, new) || Not __is_setuid(new, old) && ( has_fcap && __cap_gained(permitted, new, old) || __cap_gained(ambient, new, old)) Then ret = true |
| 796 | Return ret |
| Name | Describe |
|---|---|
| cap_bprm_set_creds | ap_bprm_set_creds - Set up the proposed credentials for execve().*@bprm: The execution parameters, including the proposed creds* Set up the proposed credentials for a new execution context being* constructed by execve() |
| Source code conversion tool public plug-in interface | X |
|---|---|
| Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion |