Re: [PATCH] capabilities: Ambient capability set V1

From: Christoph Lameter
Date: Mon Feb 23 2015 - 11:50:47 EST

On Mon, 23 Feb 2015, Serge E. Hallyn wrote:

> > I do not see a problem with dropping privilege since the ambient set
> > is supposed to be preserved across a drop of priviledge.
> Because you're tricking the program into thinking it has dropped
> the privilege, when in fact it has not.

So the cap was dropped from the cap perm set but it is still active
in the ambient set?
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at