capabilities.7: Ambient capabilities do not trigger secure-execution mode

Reported-by: Pierre Chifflier <pollux@debian.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2018-09-13 00:44:15 +02:00
parent d4dca6b626
commit 5367a9aba9
1 changed files with 5 additions and 0 deletions

@ -870,6 +870,11 @@ Ambient capabilities are added to the permitted set and
assigned to the effective set when assigned to the effective set when
.BR execve (2) .BR execve (2)
is called. is called.
If ambient capabilities cause a process's permitted and effective
capabilities to increase during an
.BR execve (2),
this does not trigger the secure-execution mode described in
.BR ld.so (8).
.PP .PP
A child created via A child created via
.BR fork (2) .BR fork (2)