On Tue, 14 Jul 2015, Andy Lutomirski wrote: > ===== The proposed change ===== > > This patch adds a fifth capability mask called the ambient mask > (pA). pA does what most people expect pI to do. >
This looks good, and I think it will lead to better overall security because people will find capabilities easier to use for real-world scenarios. Has it had enough security review? This is a significant new behavior being added to a widely enabled security module. - James -- James Morris <jmor...@namei.org> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
