security: remove the security_netlink_recv hook as it is equivalent to capable()

Once upon a time netlink was not sync and we had to get the effective capabilities from the skb that was being received. Today we instead get the capabilities from the current task. This has rendered the entire purpose of the hook moot as it is now functionally equivalent to the capable() call. Signed-off-by: Eric Paris <eparis@redhat.com>
author: Eric Paris <eparis@redhat.com> 2012-01-03 12:25:16 -0500
committer: Eric Paris <eparis@redhat.com> 2012-01-05 18:53:01 -0500
commit: fd778461524849afd035679030ae8e8873c72b81 (patch)
tree: 32a5849c1879413fce0307af304e372eaa8225b4 /security/capability.c
parent: ptrace: do not audit capability check when outputing /proc/pid/stat (diff)
download: linux-dev-fd778461524849afd035679030ae8e8873c72b81.tar.xz
linux-dev-fd778461524849afd035679030ae8e8873c72b81.zip
1 files changed, 0 insertions, 1 deletions
diff --git a/security/capability.c b/security/capability.c
index 2984ea4f776f..a2c064d10448 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -999,7 +999,6 @@ void __init security_fixup_ops(struct security_operations *ops)
 	set_to_cap_if_null(ops, sem_semctl);
 	set_to_cap_if_null(ops, sem_semop);
 	set_to_cap_if_null(ops, netlink_send);
-	set_to_cap_if_null(ops, netlink_recv);
 	set_to_cap_if_null(ops, d_instantiate);
 	set_to_cap_if_null(ops, getprocattr);
 	set_to_cap_if_null(ops, setprocattr);
author	Eric Paris <eparis@redhat.com>	2012-01-03 12:25:16 -0500
committer	Eric Paris <eparis@redhat.com>	2012-01-05 18:53:01 -0500
commit	fd778461524849afd035679030ae8e8873c72b81 (patch)
tree	32a5849c1879413fce0307af304e372eaa8225b4 /security/capability.c
parent	ptrace: do not audit capability check when outputing /proc/pid/stat (diff)
download	linux-dev-fd778461524849afd035679030ae8e8873c72b81.tar.xz linux-dev-fd778461524849afd035679030ae8e8873c72b81.zip