Description of problem: When POSIX capabilities were introduced during the 2.1 Linux cycle, the fs mask, which represents the capabilities which having fsuid==0 is supposed to grant, did not include CAP_MKNOD and CAP_LINUX_IMMUTABLE. However, before capabilities the privilege to call these did in fact depend upon fsuid==0. This patch introduces those capabilities into the fsmask, restoring the old behavior. See the thread starting at http://lkml.org/lkml/2009/3/11/157 for reference. Note that if this fix is deemed valid, then earlier kernel versions (2.4 and 2.2) ought to be fixed too. Changelog: [Mar 23] Actually delete old CAP_FS_SET definition... [Mar 20] Updated against J. Bruce Fields's patch Upstream commit: http://git.kernel.org/linus/0ad30b8fd5fe798aae80df6344b415d8309342cc
http://lwn.net/Articles/328572/
Upstream commit for 2.4: http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git;a=commitdiff;h=1c06d5237647db43cb2043a19cb393f4ed4d942f
Add issue 296769.
This issue has been addressed in following products: MRG for RHEL-5 Via RHSA-2009:1081 https://rhn.redhat.com/errata/RHSA-2009-1081.html