capabilities.7: srcfix: Removed FIXME

No credential match of file UID and namespace creator UID
is needed to create a v3 security extended attribute.

Verified by experiment using my userns_child_exec.c and
show_creds.c programs (available on http://man7.org/tlpi/code):

    $ sudo setcap cap_setuid,cap_dac_override=pe \
            ./userns_child_exec
    $ ./userns_child_exec -U -r setcap cap_kill=pe show_creds
    $ ./userns_child_exec -U -M '0 1000 10' -G '0 1000 1' \
            -s 1 ./show_creds
    eUID = 1;  eGID = 0;  capabilities: = cap_kill+ep

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>

diff --git a/man7/capabilities.7 b/man7/capabilities.7
index 6b24785fb61c0962b223b1d9ee1bd4cb963d1e60..a9b3687d0231456fb70c16b6e0b1aa1a6e9179d3 100644 (file)
--- a/man7/capabilities.7
+++ b/man7/capabilities.7
@@ -1016,9 +1016,6 @@ meaning that (a) the thread has the
 capability in its own user namespace;
 and (b) the UID and GID of the file inode have mappings in
 the writer's user namespace.
-.\" FIXME
-.\" Does there also need to be some kind of credential match
-.\" between the file and the namespace creator UID?
 .PP
 When a
 .BR VFS_CAP_REVISION_3