mirror of
https://github.com/nginx/nginx.git
synced 2024-12-27 01:11:13 -06:00
ce45ded2a8
Previously, capset(2) was called with the 64-bit capabilities version _LINUX_CAPABILITY_VERSION_3. With this version Linux kernel expected two copies of struct __user_cap_data_struct, while only one was submitted. As a result, random stack memory was accessed and random capabilities were requested by the worker. This sometimes caused capset() errors. Now the 32-bit version _LINUX_CAPABILITY_VERSION_1 is used instead. This is OK since CAP_NET_RAW is a 32-bit capability (CAP_NET_RAW = 13). |
||
---|---|---|
.. | ||
cc | ||
lib | ||
os | ||
types | ||
configure | ||
define | ||
endianness | ||
feature | ||
have | ||
have_headers | ||
headers | ||
include | ||
init | ||
install | ||
make | ||
module | ||
modules | ||
nohave | ||
options | ||
sources | ||
stubs | ||
summary | ||
threads | ||
unix |