keyctl.2: Clarify permission rules for KEYCTL_SETPERM

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-11-08 00:25:33 +01:00 · 2016-11-08 00:25:33 +01:00 · 6e810113f1
parent 59d33fb6c1
commit 6e810113f1
1 changed files with 8 additions and 4 deletions
--- a/man2/keyctl.2
+++ b/man2/keyctl.2
@ -323,15 +323,19 @@ to the permissions provided in the
 argument (cast to
 .IR key_perm_t ).

-The key must grant
-.I setattr
-permission to the caller.
-
 If the caller doesn't have the
 .B CAP_SYS_ADMIN
 capability, it can change permissions only for the keys it owns.
 (More precisely: the caller's filesystem UID must match the UID of the key.)

+The key must grant
+.I setattr
+permission to the caller
+.IR regardless
+of the caller's capabilities.
+.\" FIXME Above, is it really intended that a privileged process can't
+.\" override the lack of the 'setattr' permission?
+
 The permissions in
 .IR arg3
 specify masks of available operations