diff options
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | Src/utils.c | 6 |
2 files changed, 6 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog index a70adefdd..bb6afe127 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,8 @@ 2023-08-27 Bart Schaefer <schaefer@zsh.org> + * Robert Woods: 52053: Src/utils.c: whitelist capability + CAP_WAKE_ALARM in 'privasserted' function + * Shohei YOSHIDA: 52034: Completion/Unix/Command/_sqlite: update for version 3.42.0 diff --git a/Src/utils.c b/Src/utils.c index 94a33453f..7040d0954 100644 --- a/Src/utils.c +++ b/Src/utils.c @@ -7551,9 +7551,9 @@ privasserted(void) /* POSIX doesn't define a way to test whether a capability set * * is empty or not. Typical. I hope this is conforming... */ cap_flag_value_t val; - cap_value_t n; - for(n = 0; !cap_get_flag(caps, n, CAP_EFFECTIVE, &val); n++) - if(val) { + cap_value_t cap; + for(cap = 0; !cap_get_flag(caps, cap, CAP_EFFECTIVE, &val); cap++) + if(val && cap != CAP_WAKE_ALARM) { cap_free(caps); return 1; } |