]> git.ipfire.org Git - thirdparty/man-pages.git/commit
projects / thirdparty / man-pages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7370022) | patch
capabilities.7: srcfix: Removed FIXME
authorMichael Kerrisk <mtk.manpages@gmail.com>
Sun, 1 Jul 2018 08:56:24 +0000 (10:56 +0200)
committerMichael Kerrisk <mtk.manpages@gmail.com>
Sun, 1 Jul 2018 09:42:07 +0000 (11:42 +0200)
commit54254ef33a2f5ebf0c82ee6cc556935ae20aefa4
tree1d5ae7e767dfba6b150b0839ad2b82a1b10d37b8tree | snapshot
parent737002259ff6e9940b07fcf95e91b141cfad884bcommit | diff
capabilities.7: srcfix: Removed FIXME

No credential match of file UID and namespace creator UID
is needed to create a v3 security extended attribute.

Verified by experiment using my userns_child_exec.c and
show_creds.c programs (available on http://man7.org/tlpi/code):

    $ sudo setcap cap_setuid,cap_dac_override=pe \
            ./userns_child_exec
    $ ./userns_child_exec -U -r setcap cap_kill=pe show_creds
    $ ./userns_child_exec -U -M '0 1000 10' -G '0 1000 1' \
            -s 1 ./show_creds
    eUID = 1;  eGID = 0;  capabilities: = cap_kill+ep

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
man7/capabilities.7 diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.