mirror of https://github.com/mkerrisk/man-pages
capabilities.7: Ambient capabilities do not trigger secure-execution mode
Reported-by: Pierre Chifflier <pollux@debian.org> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
d4dca6b626
commit
5367a9aba9
|
@ -870,6 +870,11 @@ Ambient capabilities are added to the permitted set and
|
|||
assigned to the effective set when
|
||||
.BR execve (2)
|
||||
is called.
|
||||
If ambient capabilities cause a process's permitted and effective
|
||||
capabilities to increase during an
|
||||
.BR execve (2),
|
||||
this does not trigger the secure-execution mode described in
|
||||
.BR ld.so (8).
|
||||
.PP
|
||||
A child created via
|
||||
.BR fork (2)
|
||||
|
|
Loading…
Reference in New Issue