Date: Mon, 13 Apr 2020 00:38:02 +0000 (UTC) From: Ed Maste <emaste@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org Subject: svn commit: r359842 - stable/12/sys/kern Message-ID: <202004130038.03D0c2md089616@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: emaste Date: Mon Apr 13 00:38:02 2020 New Revision: 359842 URL: https://svnweb.freebsd.org/changeset/base/359842 Log: MFC r359451: capabilities.conf: add info about capmode permitted syscalls Sponsored by: The FreeBSD Foundation Modified: stable/12/sys/kern/capabilities.conf Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/kern/capabilities.conf ============================================================================== --- stable/12/sys/kern/capabilities.conf Mon Apr 13 00:15:30 2020 (r359841) +++ stable/12/sys/kern/capabilities.conf Mon Apr 13 00:38:02 2020 (r359842) @@ -28,6 +28,11 @@ ## ## List of system calls enabled in capability mode, one name per line. ## +## System calls listed here operate either fully or partially in the absence +## of global namespaces or ambient authority. In capability mode system calls +## that operate only on global namespaces or require ambient authority have no +## utility and thus are not permitted. +## ## Notes: ## - sys_exit(2), abort2(2) and close(2) are very important. ## - Sorted alphabetically, please keep it that way.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202004130038.03D0c2md089616>