Page MenuHomeFreeBSD
Differential D8023

Editing for cap_enter(2) and procctl(2).
ClosedPublic
Actions

Authored by kib on Sep 24 2016, 7:39 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Apr 18, 2:19 PM
Unknown Object (File)
Fri, Apr 17, 9:28 AM
Unknown Object (File)
Fri, Apr 17, 5:58 AM
Unknown Object (File)
Mon, Apr 13, 9:07 AM
Unknown Object (File)
Sun, Apr 12, 3:58 PM
Unknown Object (File)
Mon, Apr 6, 10:03 AM
Unknown Object (File)
Tue, Mar 31, 6:29 PM
Unknown Object (File)
Tue, Mar 31, 9:49 AM
View All Files
Subscribers
cem
emaste
imp
jilles

Details

Reviewers
cem
wblock
Group Reviewers
manpages
Commits
rS306366: Editing fixes for r306257, documentation for trapcap.
Summary

This is a continuation for D8003.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kib updated this revision to Diff 20669.Sep 24 2016, 7:39 AM
kib retitled this revision from to Editing for cap_enter(2) and procctl(2)..
kib updated this object.
kib edited the test plan for this revision. (Show Details)
kib added a reviewer: wblock.
kib set the repository for this revision to rS FreeBSD src repository - subversion.
kib added subscribers: emaste, cem.
Herald added a reviewer: manpages. · View Herald TranscriptSep 24 2016, 7:39 AM
Herald added a subscriber: imp. · View Herald Transcript
kib mentioned this in D8003: Document trapcap..Sep 24 2016, 7:40 AM
cem accepted this revision.Sep 24 2016, 3:57 PM
cem added a reviewer: cem.
cem added inline comments.
lib/libc/sys/cap_enter.2
75–76 ↗(On Diff #20669)

is it sufficient to remove ", then for any process executing in a capability mode sandbox, "? After all, these errors only occur there. It simplifies the sentence but is maybe less clear if readers are unfamiliar with ENOTCAPABLE/ECAPMODE.

This revision is now accepted and ready to land.Sep 24 2016, 3:57 PM
kib added inline comments.Sep 24 2016, 4:25 PM
lib/libc/sys/cap_enter.2
75–76 ↗(On Diff #20669)

My feel is that a complicated sentence which provides explicit context is overall easier to understand _right_ than the simpler stripped-down statement, in this case.

cem added inline comments.Sep 24 2016, 4:47 PM
lib/libc/sys/cap_enter.2
75–76 ↗(On Diff #20669)

Works for me.

jilles added a subscriber: jilles.Sep 24 2016, 10:45 PM
jilles added inline comments.
lib/libc/sys/cap_enter.2
75–76 ↗(On Diff #20669)

What's more, [ENOTCAPABLE] may occur outside of capability mode, since capability rights are always respected. This might be useful when passing a file descriptor to a process with a lower privilege level. In this case, no SIGTRAP occurs.

Closed by commit rS306366: Editing fixes for r306257, documentation for trapcap. (authored by kib). · Explain WhySep 27 2016, 11:32 AM
This revision was automatically updated to reflect the committed changes.
wblock added inline comments.Sep 30 2016, 3:09 PM
head/lib/libc/sys/cap_enter.2
76

s/either/either an/

Revision Contents
Changeset List

PathSize
head/
lib/
libc/
sys/
8 lines
18 lines

Diff 20738

View Options

head/lib/libc/sys/cap_enter.2

Loading...
View Options

head/lib/libc/sys/procctl.2

Loading...