Author: emaste Date: Mon Mar 30 18:24:07 2020 New Revision: 359451 URL: https://svnweb.freebsd.org/changeset/base/359451
Log: capabilities.conf: provide information about capmode permitted syscalls Reviewed by: jhb (earlier) MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D24118 Modified: head/sys/kern/capabilities.conf Modified: head/sys/kern/capabilities.conf ============================================================================== --- head/sys/kern/capabilities.conf Mon Mar 30 18:15:36 2020 (r359450) +++ head/sys/kern/capabilities.conf Mon Mar 30 18:24:07 2020 (r359451) @@ -28,6 +28,11 @@ ## ## List of system calls enabled in capability mode, one name per line. ## +## System calls listed here operate either fully or partially in the absence +## of global namespaces or ambient authority. In capability mode system calls +## that operate only on global namespaces or require ambient authority have no +## utility and thus are not permitted. +## ## Notes: ## - sys_exit(2), abort2(2) and close(2) are very important. ## - Sorted alphabetically, please keep it that way. _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "[email protected]"
