grsecurity fixes

author: netblue30 <netblue30@yahoo.com> 2016-04-07 17:37:36 -0400
committer: netblue30 <netblue30@yahoo.com> 2016-04-07 17:37:36 -0400
commit: 752c3a43a322b40c1a43012735aa797d9e3c7435 (patch)
tree: 0835b4d1bed77eb61cd1f6ef179541310d470881 /src/firejail/caps.c
parent: added dnsmasq profile (diff)
download: firejail-752c3a43a322b40c1a43012735aa797d9e3c7435.tar.gz
firejail-752c3a43a322b40c1a43012735aa797d9e3c7435.tar.zst
firejail-752c3a43a322b40c1a43012735aa797d9e3c7435.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/src/firejail/caps.c b/src/firejail/caps.c
index 6b934bda6..2d42c7d8a 100644
--- a/src/firejail/caps.c
+++ b/src/firejail/caps.c
@@ -247,11 +247,13 @@ void caps_print(void) {
        // check current caps supported by the kernel
        int cnt = 0;
        unsigned long cap;
+        EUID_ROOT();    // grsecurity fix
        for (cap=0; cap <= 63; cap++) {
                int code = prctl(PR_CAPBSET_DROP, cap, 0, 0, 0);
                if (code == 0)
                        cnt++;
        }
+        EUID_USER();
        printf("Your kernel supports %d capabilities.\n", cnt);
        
        for (i = 0; i < elems; i++) {
author	netblue30 <netblue30@yahoo.com>	2016-04-07 17:37:36 -0400
committer	netblue30 <netblue30@yahoo.com>	2016-04-07 17:37:36 -0400
commit	752c3a43a322b40c1a43012735aa797d9e3c7435 (patch)
tree	0835b4d1bed77eb61cd1f6ef179541310d470881 /src/firejail/caps.c
parent	added dnsmasq profile (diff)
download	firejail-752c3a43a322b40c1a43012735aa797d9e3c7435.tar.gz firejail-752c3a43a322b40c1a43012735aa797d9e3c7435.tar.zst firejail-752c3a43a322b40c1a43012735aa797d9e3c7435.zip