mirror of https://github.com/mkerrisk/man-pages
capabilities.7: Ambient capabilities do not trigger secure-execution mode
Reported-by: Pierre Chifflier <pollux@debian.org> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
d4dca6b626
commit
5367a9aba9
|
@ -870,6 +870,11 @@ Ambient capabilities are added to the permitted set and
|
||||||
assigned to the effective set when
|
assigned to the effective set when
|
||||||
.BR execve (2)
|
.BR execve (2)
|
||||||
is called.
|
is called.
|
||||||
|
If ambient capabilities cause a process's permitted and effective
|
||||||
|
capabilities to increase during an
|
||||||
|
.BR execve (2),
|
||||||
|
this does not trigger the secure-execution mode described in
|
||||||
|
.BR ld.so (8).
|
||||||
.PP
|
.PP
|
||||||
A child created via
|
A child created via
|
||||||
.BR fork (2)
|
.BR fork (2)
|
||||||
|
|
Loading…
Reference in New Issue