attr.7: File capabilities are implemented using *security* attributes

Not *system* attributes Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-04-22 09:27:03 +02:00 · 2015-04-22 09:27:03 +02:00 · d8ba76940b
parent 68d53b6d9c
commit d8ba76940b
1 changed files with 3 additions and 2 deletions
--- a/man7/attr.7
+++ b/man7/attr.7
@ -81,7 +81,8 @@ extended attribute classes are defined as described below.
 Additional classes may be added in the future.
 .SS Extended security attributes
 The security attribute namespace is used by kernel security modules,
-such as Security Enhanced Linux.
+such as Security Enhanced Linux, and also to implement file capabilities (see
+.BR capabilities (7)).
 Read and write access permissions to security attributes depend on the
 policy implemented for each security attribute by the security module.
 When no security module is loaded, all processes have read access to
@ -91,7 +92,7 @@ that have the
 capability.
 .SS Extended system attributes
 Extended system attributes are used by the kernel to store system
-objects such as Access Control Lists and Capabilities.
+objects such as Access Control Lists.
 Read and write
 access permissions to system attributes depend on the policy implemented
 for each system attribute implemented by filesystems in the kernel.