userns: Kill nsown_capable it makes the wrong thing easy

[~andy/linux] / kernel / pid_namespace.c

diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
index 6917e8edb48e7702714041737657f1e3949bc849..ee1f6bb83d6783bf83d414ea35e9a8ca2faef2cc 100644 (file)
--- a/kernel/pid_namespace.c
+++ b/kernel/pid_namespace.c
@@ -329,7 +329,7 @@ static int pidns_install(struct nsproxy *nsproxy, void *ns)
        struct pid_namespace *ancestor, *new = ns;
 
        if (!ns_capable(new->user_ns, CAP_SYS_ADMIN) ||
-           !nsown_capable(CAP_SYS_ADMIN))
+           !ns_capable(current_user_ns(), CAP_SYS_ADMIN))
                return -EPERM;
 
        /*