Sendmail Workaround for Linux Capabilities Bug (fwd)
Andrew Morgan
morgan at transmeta.com
Fri Jun 9 01:23:02 GMT 2000
Robert Watson wrote:
> Linux capabilities are implemented such that root processes have all
> capabilities, which are used to authorize privileged requests, and may
> give up these capabilities. In addition, my understanding is that the
> kernel tracks whether or not a process has demonstrated it is
> "capability-aware" to determine certain inheritence semantics. I haven't
> worked with this behavior in Linux, so don't claim to have a complete
> understanding, and would welcome a more complete (and possibly more
> correct) description.
More information about the posix1e
mailing list