diff options
| author | Tanu Kaskinen <tanu.kaskinen@linux.intel.com> | 2014-01-03 13:31:29 +0200 |
|---|---|---|
| committer | Tanu Kaskinen <tanu.kaskinen@linux.intel.com> | 2014-01-03 13:31:29 +0200 |
| commit | 11e71e3990c5880ff5e52cc33741d71a0ba21d6c (patch) | |
| tree | d0bee4f110077d24c075f166587e9ac07bd88ccb | |
| parent | c307093cf07d66df9e0805df0d106e6538f67c14 (diff) | |
caps: Remove the FreeBSD implementation of pa_drop_caps()
Quoting Ryan Lortie from [1]:
I assumed from my reading of the Linux code ("cap_clear()...") that it
was clearing all capabilities of the process when in fact it is only
clearing the "special to root" capabilities.
The FreeBSD version of the code indeed clears _all_ capabilities beyond
ones that the process already has (ie: cannot open any new files, create
sockets, etc.)
This has a pretty obvious adverse effect on pulseaudio's ability to do
what it needs to do -- indeed, it bombs out pretty quickly due to an
inability to read its own config file.
[1] https://bugs.freedesktop.org/show_bug.cgi?id=72580#c11
| -rw-r--r-- | src/daemon/caps.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/src/daemon/caps.c b/src/daemon/caps.c index 4455db3a..52c427c8 100644 --- a/src/daemon/caps.c +++ b/src/daemon/caps.c @@ -86,8 +86,6 @@ void pa_drop_caps(void) { pa_assert_se(cap_clear(caps) == 0); pa_assert_se(cap_set_proc(caps) == 0); pa_assert_se(cap_free(caps) == 0); -#elif defined(__FreeBSD__) - pa_assert_se (cap_enter () == 0); #else #error "Don't know how to do capabilities on your system. Please send a patch." #endif /* __linux */ |