mirror of https://github.com/mkerrisk/man-pages
attr.7: File capabilities are implemented using *security* attributes
Not *system* attributes Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
68d53b6d9c
commit
d8ba76940b
|
@ -81,7 +81,8 @@ extended attribute classes are defined as described below.
|
|||
Additional classes may be added in the future.
|
||||
.SS Extended security attributes
|
||||
The security attribute namespace is used by kernel security modules,
|
||||
such as Security Enhanced Linux.
|
||||
such as Security Enhanced Linux, and also to implement file capabilities (see
|
||||
.BR capabilities (7)).
|
||||
Read and write access permissions to security attributes depend on the
|
||||
policy implemented for each security attribute by the security module.
|
||||
When no security module is loaded, all processes have read access to
|
||||
|
@ -91,7 +92,7 @@ that have the
|
|||
capability.
|
||||
.SS Extended system attributes
|
||||
Extended system attributes are used by the kernel to store system
|
||||
objects such as Access Control Lists and Capabilities.
|
||||
objects such as Access Control Lists.
|
||||
Read and write
|
||||
access permissions to system attributes depend on the policy implemented
|
||||
for each system attribute implemented by filesystems in the kernel.
|
||||
|
|
Loading…
Reference in New Issue