Signed-off-by: Samuel Karp <skarp@xxxxxxxxxx> --- man7/capabilities.7 | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/man7/capabilities.7 b/man7/capabilities.7 index bcf6309e5..9f7ee670a 100644 --- a/man7/capabilities.7 +++ b/man7/capabilities.7 @@ -44,6 +44,8 @@ .\" capability, then we must also set the effective flag for all .\" other capabilities where the permitted or inheritable bit is set. .\" 2011-09-07, mtk/Serge hallyn: Add CAP_SYSLOG +.\" 2019-04-10, Samuel Karp <skarp@xxxxxxxxxx> +.\" Clarify wording for Inheritable thread capability sets. .\" .TH CAPABILITIES 7 2019-03-06 "Linux" "Linux Programmer's Manual" .SH NAME @@ -831,7 +833,8 @@ a program whose associated file capabilities grant that capability). .TP .IR Inheritable This is a set of capabilities preserved across an -.BR execve (2). +.BR execve (2) +when running as a root user. Inheritable capabilities remain inheritable when executing any program, and inheritable capabilities are added to the permitted set when executing a program that has the corresponding bits set in the file inheritable set. -- 2.21.0
