On Thu, 5 Mar 2015, Serge E. Hallyn wrote: > > > So I'd say drop this change ^ > > > > Then the ambient caps get ignored for a executables that have capabilities > > seton the file? > > Yes. Those are assumed to already know what they're doing. Ok can we get this patch merged now if I do this change (effectively ambient caps for binaries that have no caps set) and deal with the other issues later? This would cover most of the use cases here at least. -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
