X-Git-Url: http://nv-tegra.nvidia.com/gitweb/?p=linux-3.10.git;a=blobdiff_plain;f=kernel%2Fpid_namespace.c;h=fdbd0cdf271ae4ce6ad016f8b826510865fe3600;hp=560da0dab230aab631dab7003597815fc4d21c6b;hb=5e4a08476b50fa39210fca82e03325cc46b9c235;hpb=520d9eabce18edfef76a60b7b839d54facafe1f9

diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
index 560da0d..fdbd0cd 100644
--- a/kernel/pid_namespace.c
+++ b/kernel/pid_namespace.c
@@ -325,7 +325,8 @@ static int pidns_install(struct nsproxy *nsproxy, void *ns)
 	struct pid_namespace *active = task_active_pid_ns(current);
 	struct pid_namespace *ancestor, *new = ns;
 
-	if (!ns_capable(new->user_ns, CAP_SYS_ADMIN))
+	if (!ns_capable(new->user_ns, CAP_SYS_ADMIN) ||
+	    !nsown_capable(CAP_SYS_ADMIN))
 		return -EPERM;
 
 	/*