As discussed with Linus and Andy, we need to reset the stack rlimit before we do memory layouts when execing a privilege-gaining (e.g. setuid) program. This moves security_bprm_secureexec() earlier (with required changes), and then lowers the stack limit when appropriate. As a side-effect, dumpability is expanded to cover capabilities and other LSM definitions of secureexec, and Smack can drop its special handler for pdeath_signal clearing. I'd appreciate some extra eyes on this to make sure this isn't broken in some special way. I couldn't find anything that _depended_ on security_bprm_secureexec() being called late. Thanks! -Kees