From 6203554207728f43cfb9fd48585cd6500da73d42 Mon Sep 17 00:00:00 2001 From: Linus Torvalds Date: Tue, 29 Apr 2008 11:45:16 -0700 Subject: [PATCH] drivers/net/tehuti: use proper capability check for raw IO access Yeah, in practice they both mean "root", but Alan correctly points out that anybody who gets to do raw IO space accesses should really be using CAP_SYS_RAWIO rather than CAP_NET_ADMIN. Pointed-out-by: Alan Cox Signed-off-by: Linus Torvalds --- drivers/net/tehuti.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/tehuti.c b/drivers/net/tehuti.c index e83b166aa6b..432e837a176 100644 --- a/drivers/net/tehuti.c +++ b/drivers/net/tehuti.c @@ -649,7 +649,7 @@ static int bdx_ioctl_priv(struct net_device *ndev, struct ifreq *ifr, int cmd) DBG("%d 0x%x 0x%x\n", data[0], data[1], data[2]); } - if (!capable(CAP_NET_ADMIN)) + if (!capable(CAP_SYS_RAWIO)) return -EPERM; switch (data[0]) { -- 2.41.1