keyctl: check capabilities against key's user_ns

ATM, task should only be able to get his own user_ns's keys
anyway, so nsown_capable should also work, but there is no
advantage to doing that, while using key's user_ns is clearer.

changelog: jun 6:
	compile fix: keyctl.c (key_user, not key has user_ns)

Signed-off-by: Serge E. Hallyn <>
Acked-by: David Howells <>
Cc: Eric W. Biederman <>
1 file changed