From 5d9edfb8931862319b5f46d8f4e8f1eb664b1b9f Mon Sep 17 00:00:00 2001
From: Thorvald Natvig <slicer@users.sourceforge.net>
Date: Fri, 27 Feb 2009 12:47:30 +0000
Subject: Don't keep CAP_DAC_OVERRIDE after switching users

git-svn-id: https://mumble.svn.sourceforge.net/svnroot/mumble/trunk@1593 05730e5d-ab1b-0410-a4ac-84af385074fa
---
 src/murmur/UnixMurmur.cpp | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src/murmur/UnixMurmur.cpp')

diff --git a/src/murmur/UnixMurmur.cpp b/src/murmur/UnixMurmur.cpp
index d6fd5d6df..393b103c6 100644
--- a/src/murmur/UnixMurmur.cpp
+++ b/src/murmur/UnixMurmur.cpp
@@ -227,12 +227,15 @@ void UnixMurmur::setuid() {
 
 void UnixMurmur::initialcap() {
 #ifdef Q_OS_LINUX
-	cap_value_t caps[] = {CAP_DAC_OVERRIDE, CAP_SYS_NICE, CAP_SYS_RESOURCE, CAP_NET_ADMIN, CAP_SETUID, CAP_SETGID };
+	cap_value_t caps[] = {CAP_SYS_NICE, CAP_SYS_RESOURCE, CAP_NET_ADMIN, CAP_SETUID, CAP_SETGID, CAP_DAC_OVERRIDE };
 	
 	if (! bRoot)
 		return;
 		
 	int ncap = sizeof(caps)/sizeof(cap_value_t);
+	
+	if (geteuid() != 0)
+		ncap--;
 		
 	cap_t c = cap_init();
 	cap_clear(c);
@@ -250,7 +253,7 @@ void UnixMurmur::initialcap() {
 
 void UnixMurmur::finalcap() {
 #ifdef Q_OS_LINUX
-	cap_value_t caps[] = {CAP_DAC_OVERRIDE, CAP_SYS_NICE, CAP_NET_ADMIN };
+	cap_value_t caps[] = {CAP_SYS_NICE, CAP_NET_ADMIN };
 
 	if (! bRoot)
 		return;
-- 
cgit v1.2.3