On Fri, 24 Apr 2015, Andy Lutomirski wrote: > Also, in my model you can do: > > $ sudo capset cap_whatever=eip something > $ ./something > > and the program can make its cap be ambient and run a helper. In the > CAP_SETPCAP model, that doesn't work. Dont see too much difference in setting caps and CAP_SETPCAP on "./something" to allow it to set the ambient caps. -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
