The way the logic was presented, it was awkward to read and verify. Invert the logic using DeMorgan's Law to be more easily able to read and understand.
Signed-off-by: Richard Guy Briggs <[email protected]> --- security/commoncap.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/security/commoncap.c b/security/commoncap.c index 9520f0a..664d6a5 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -608,7 +608,7 @@ int cap_bprm_set_creds(struct linux_binprm *bprm) * Number 1 above might fail if you don't have a full bset, but I think * that is interesting information to audit. */ - if (pESET && (!pEALL || !EROOT || !RROOT || !SROOT) ) { + if (pESET && !(pEALL && EROOT && RROOT && SROOT) ) { ret = audit_log_bprm_fcaps(bprm, new, old); if (ret < 0) return ret; -- 1.7.1 -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
