validity test in cap_set_proc(), POSIX.1e 25.4.15.2
Andrew Morgan
morgan at transmeta.com
Wed Dec 5 17:07:59 GMT 2001
Robert Watson wrote:
> In our currently implementation, we impose an additional check on cap_p
> provided to cap_set_proc(): we require that the resulting capability set
> be "valid" in the sense that the new effective capabilities be a subset of
> the new permitted capabilities. Does anyone else take this reading, and
> if not, is there a good reason not to?
This is also the interpretation that we used.
Cheers
Andrew
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message
More information about the posix1e
mailing list