> Hmm, on second look, it doesn't look like this code does anything. Run ppriv `pgrep dlmgmtd`. With the current code you should see E = P = basic. With altered code, it should be basic,sys_net_config.
We can fine tune it even further by removing those privileges that
belong to the basic set, but we don't use, like file_link_any or proc_info:
priv_set(PRIV_OFF, PRIV_PERMITTED, PRIV_FILE_LINK_ANY, ...
E.g. see ppriv `pgrep nfsd`.
-Artem
