Lines Matching full:capabilities
2 /* Common capabilities, needed by capability.o.
35 * !secure(SECURE_NOROOT) mode, then we raise capabilities.
37 * the file capabilities to be applied, and the setuid-root
39 * to get full privilege on a kernel without file capabilities
40 * support. So in that case we do not raise capabilities.
49 " effective capabilities. Therefore not raising all" in warn_setuid_and_fcaps_mixed()
50 " capabilities.\n", fname); in warn_setuid_and_fcaps_mixed()
80 /* Do we have the necessary capabilities? */ in cap_capable_helper()
155 * task's capabilities, then ptrace access is allowed.
192 * capabilities, then ptrace access is allowed.
226 * This function retrieves the capabilities of the nominated task and returns
245 * Determine whether the inheritable capabilities are limited to the old
260 * cap_capset - Validate and apply proposed changes to current's capabilities
263 * @effective: A pointer to the proposed new effective capabilities set
264 * @inheritable: A pointer to the proposed new inheritable capabilities set
265 * @permitted: A pointer to the proposed new permitted capabilities set
287 /* no new pI capabilities outside bounding set */ in cap_capset()
643 * do not have enough capabilities, we return an error if they are in bprm_caps_from_vfs_caps()
644 * missing some "forced" (aka file-permitted) capabilities. in bprm_caps_from_vfs_caps()
654 * @cpu_caps: vfs capabilities
808 * @has_fcap: Are any file capabilities set?
813 * SECURE_NOROOT. If file capabilities are set, they won't be combined with
916 /* Process setpcap binaries and capabilities for uid 0 */ in cap_bprm_creds_from_file()
1085 * cap_emulate_setxuid() fixes the effective / permitted capabilities of
1089 * {r,e,s}uid != 0, the permitted and effective capabilities are
1093 * capabilities of the process are cleared.
1096 * capabilities are set to the permitted capabilities.
1104 * A process may, via prctl(), elect to keep its capabilities when it
1130 * by exec to drop capabilities. We should make sure that in cap_emulate_setxuid()
1158 /* juggle the capabilities to follow [RES]UID changes unless in cap_task_fix_setuid()
1165 /* juggle the capabilities to follow FSUID changes, unless in cap_task_fix_setuid()
1168 * FIXME - is fsuser used for all CAP_FS_MASK capabilities? in cap_task_fix_setuid()
1287 * Allow process control functions (sys_prctl()) to alter capabilities; may
1312 * capabilities are not in use) to a system using filesystem in cap_task_prctl()
1313 * capabilities only - as the POSIX.1e draft intended. in cap_task_prctl()
1344 * "sendmail capabilities bug"), except for unprivileged bits. in cap_task_prctl()