[RFC PATCH V2 2/4] capabilities: invert logic for clarity

Richard Guy Briggs rgb at redhat.com
Thu May 11 20:42:41 UTC 2017


The way the logic was presented, it was awkward to read and verify.  Invert the
logic using DeMorgan's Law to be more easily able to read and understand.

Signed-off-by: Richard Guy Briggs <rgb at redhat.com>
---
 security/commoncap.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/security/commoncap.c b/security/commoncap.c
index 9520f0a..664d6a5 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -608,7 +608,7 @@ int cap_bprm_set_creds(struct linux_binprm *bprm)
 	 * Number 1 above might fail if you don't have a full bset, but I think
 	 * that is interesting information to audit.
 	 */
-	if (pESET && (!pEALL || !EROOT || !RROOT || !SROOT) ) {
+	if (pESET && !(pEALL && EROOT && RROOT && SROOT) ) {
 		ret = audit_log_bprm_fcaps(bprm, new, old);
 		if (ret < 0)
 			return ret;
-- 
1.7.1

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



More information about the Linux-security-module-archive mailing list