net: ipc_router: Check for capabilities instead of group IDs
Permit the processes having CAP_NET_RAW or CAP_NET_BIND_SERVICE capabilities to bind a service with IPC Router. CRs-Fixed: 731805 Change-Id: Ie57d39d6c8252bc2238714558c4809aaa561494a Signed-off-by: Karthikeyan Ramasubramanian <kramasub@codeaurora.org>
This commit is contained in:
parent
c5564588dd
commit
536cdf4fd0
|
@ -83,7 +83,7 @@ int check_permissions(void)
|
|||
{
|
||||
int rc = 0;
|
||||
if (uid_eq(current_euid(), GLOBAL_ROOT_UID) ||
|
||||
in_egroup_p(KGIDT_INIT(AID_NET_RAW)))
|
||||
capable(CAP_NET_RAW) || capable(CAP_NET_BIND_SERVICE))
|
||||
rc = 1;
|
||||
return rc;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue