From: Andrew Morton
Date: Tue May 11 2004 - 13:59:08 EST
Neil Schemenauer <nas@xxxxxxxxxxx> wrote:
> Have you seen my capwrap module? I wouldn't call it elegant but
> it is very simple and flexible.
But if the application which you run does execve(), the capabilties are
dropped. And if it does setuid() without first doing
then setuid() also drops capabilities.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/