[GIT PULL] capabilities update for v6.17-rc1
Serge E. Hallyn
serge at hallyn.com
Tue Jul 29 19:23:07 UTC 2025
The following changes since commit 19272b37aa4f83ca52bdf9c16d5d81bdd1354494:
Linux 6.16-rc1 (2025-06-08 13:44:43 -0700)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux.git tags/caps-pr-20250729
for you to fetch changes up to cdd73b1666079a73d061396f361df55d59fe96e6:
uapi: fix broken link in linux/capability.h (2025-07-04 19:21:53 -0500)
----------------------------------------------------------------
Capabilities update for 6.17
This branch contains two patches:
cdd73b1666079a73d061396f361df55d59fe96e6 uapi: fix broken link in linux/capability.h
This updates documentation in capability.h.
337490f0007f910968f828e46501db3091b1a4f8 exec: Correct the permission check for unsafe exec
This is not a trivial patch, but fixes a real problem where during
exec, different effective and real credentials were assumed to mean
changed credentials, making it impossible in the no-new-privs case
to keep different uid and euid.
These are available at:
git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux.git #caps-pr-20250729
on top of commit 19272b37aa4f83ca52bdf9c16d5d81bdd1354494 (tag: v6.16-rc1)
----------------------------------------------------------------
Ariel Otilibili (1):
uapi: fix broken link in linux/capability.h
Eric W. Biederman (1):
exec: Correct the permission check for unsafe exec
include/uapi/linux/capability.h | 5 +++--
security/commoncap.c | 20 ++++++++------------
2 files changed, 11 insertions(+), 14 deletions(-)
More information about the Linux-security-module-archive
mailing list