On Thu, May 28, 2020 at 8:53 AM Eric W. Biederman <[email protected]> wrote:
>
> It makes no sense to set active_per_clear when the kernel decides not
> to honor the executable's setuid or setgid bits. Instead set
> active_per_clear when the kernel actually decides to honor the suid or
> sgid permission bits of an executable.

You seem to be confused about the naming yourself.
You talk about "active_per_clear", but the code is about "per_clear". WTF?
Linus

