diff options
author | Henry Castro <hcastro@collabora.com> | 2015-12-10 07:47:33 -0400 |
---|---|---|
committer | Henry Castro <hcastro@collabora.com> | 2015-12-10 07:47:33 -0400 |
commit | 294422b5a038e6faa9c112c40bda93413196b244 (patch) | |
tree | 37c1ae27b09aadd18dc9d8ef27fc90e51aaa3394 | |
parent | e68aef6bef404882ebbb734c515d8fee58f48395 (diff) |
loolwsd: remove cap_sys_admin capabilityprivate/hcvcastro/bind-mount
-rw-r--r-- | loolwsd/LOOLWSD.cpp | 2 | ||||
-rw-r--r-- | loolwsd/Makefile.am | 4 |
2 files changed, 2 insertions, 4 deletions
diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp index 8d8212175..6390f5f00 100644 --- a/loolwsd/LOOLWSD.cpp +++ b/loolwsd/LOOLWSD.cpp @@ -908,7 +908,6 @@ void LOOLWSD::componentMain() dropCapability(CAP_SYS_CHROOT); dropCapability(CAP_MKNOD); dropCapability(CAP_FOWNER); - dropCapability(CAP_SYS_ADMIN); #else dropCapability(); #endif @@ -1212,7 +1211,6 @@ int LOOLWSD::main(const std::vector<std::string>& /*args*/) dropCapability(CAP_SYS_CHROOT); dropCapability(CAP_MKNOD); dropCapability(CAP_FOWNER); - dropCapability(CAP_SYS_ADMIN); #else dropCapability(); #endif diff --git a/loolwsd/Makefile.am b/loolwsd/Makefile.am index 62f24eec0..c1acb0640 100644 --- a/loolwsd/Makefile.am +++ b/loolwsd/Makefile.am @@ -36,8 +36,8 @@ clean-cache: all-local: loolwsd if test "$$BUILDING_FROM_RPMBUILD" != yes; then \ if test `uname -s` = Linux; then \ - sudo @SETCAP@ cap_fowner,cap_mknod,cap_sys_admin,cap_sys_chroot=ep loolwsd; \ - sudo @SETCAP@ cap_sys_admin=ep loolmount; \ + sudo @SETCAP@ cap_fowner,cap_mknod,cap_sys_chroot=ep loolwsd; \ + sudo @SETCAP@ cap_sys_admin=ep loolmount; \ else \ sudo chown root loolwsd && sudo chmod u+s loolwsd; \ fi; \ |