resolve: update comment, avoid alarming wrongness

`systemd-resolved.service` runs as `User=systemd-resolved`, and uses certain
Capabilit{y,ies} magic. By my understanding, this means it is started with a
number of "privileges".  Indeed, `capabilities(7)` explains

> Linux divides  the  privileges  traditionally
> associated  with  superuser into distinct units, known as capabilities,
> which can be independently enabled and disabled."

This situation appears to contradict our current code comment which said

> If we are not running as root we assume all privileges are already dropped.

This appears to be a confusion in the comment only.  The rest of the code
tells a much clearer story.  (Don't ask me if the story is correct.
`capabilities(7)` scares me).  Let's tweak the comment to make it consistent
and avoid worrying readers about this.

diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c
index d4d6cba201a8bd1ac6c62159d230546b77f28aea..fbae0b28be8a7ddabed0dfc96ae693547bb01313 100644 (file)
--- a/src/resolve/resolved.c
+++ b/src/resolve/resolved.c
@@ -50,7 +50,7 @@ int main(int argc, char *argv[]) {
                 goto finish;
         }
 
-        /* Drop privileges, but only if we have been started as root. If we are not running as root we assume all
+        /* Drop privileges, but only if we have been started as root. If we are not running as root we assume most
          * privileges are already dropped. */
         if (getuid() == 0) {