On Sunday 16 July 2006 14:05, Frank v Waveren wrote:
> On Sun, Jul 16, 2006 at 12:31:51PM +0200, Blaisorblade wrote:
> > On Saturday 15 July 2006 17:23, Frank v Waveren wrote:
> > > I was trying to limit some unecessary capabilities in a UML instance
> > > with /proc/sys/kernel/cap-bound, but it tu
On Sun, Jul 16, 2006 at 12:31:51PM +0200, Blaisorblade wrote:
> On Saturday 15 July 2006 17:23, Frank v Waveren wrote:
> > I was trying to limit some unecessary capabilities in a UML instance
> > with /proc/sys/kernel/cap-bound, but it turned out not to take.
>
> To remove capabilities from the wh
On Saturday 15 July 2006 17:23, Frank v Waveren wrote:
> I was trying to limit some unecessary capabilities in a UML instance
> with /proc/sys/kernel/cap-bound, but it turned out not to take.
To remove capabilities from the whole system (i.e. all processes) the
recommended way wasn't to use lcap
