[klibc] [PATCH v1 2/2] run-init: Add drop_capabilities support.

H. Peter Anvin hpa at zytor.com
Tue Aug 2 17:48:57 PDT 2011


On 08/02/2011 04:37 PM, Mike Waychison wrote:
> 
> Perhaps the right approach is to not drop the effective and permitted
> masks as Andrew pointed out, and do all this from kinit, not from
> run-init while /proc is mounted?
> 

Well, we should really move /proc et al into the new root, if nothing
else to match switch_root.

	-hpa



More information about the klibc mailing list