execve.2: File capabilities can be ignored for the same reasons as set-UID/set-GID

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-12-15 10:02:59 +01:00 · 2016-12-15 10:02:59 +01:00 · 3b21b29e5c
parent 9faff76894
commit 3b21b29e5c
1 changed files with 4 additions and 0 deletions
--- a/man2/execve.2
+++ b/man2/execve.2
@ -117,6 +117,10 @@ or
 .IP *
 the calling process is being ptraced.
 .PP
+The capabilities of the program file (see
+.BR capabilities (7))
+are also if any of the above are true.
+.PP
 The effective user ID of the process is copied to the saved set-user-ID;
 similarly, the effective group ID is copied to the saved set-group-ID.
 This copying takes place after any effective ID changes that occur