diff options
Diffstat (limited to 'kernel/seccomp.c')
-rw-r--r-- | kernel/seccomp.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/seccomp.c b/kernel/seccomp.c index 301bbc24739c..e2eb71b1e970 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@ -224,7 +224,7 @@ static long seccomp_attach_filter(struct sock_fprog *fprog) * This avoids scenarios where unprivileged tasks can affect the * behavior of privileged children. */ - if (!current->no_new_privs && + if (!task_no_new_privs(current) && security_capable_noaudit(current_cred(), current_user_ns(), CAP_SYS_ADMIN) != 0) return -EACCES; |