Changeset View
Changeset View
Standalone View
Standalone View
head/sys/kern/capabilities.conf
Show First 20 Lines • Show All 344 Lines • ▼ Show 20 Lines | |||||
## | ## | ||||
## Allow kill(2), as we allow the process to send signals only to himself. | ## Allow kill(2), as we allow the process to send signals only to himself. | ||||
## | ## | ||||
kill | kill | ||||
## | ## | ||||
## Allow message queue operations on file descriptors, subject to capability | ## Allow message queue operations on file descriptors, subject to capability | ||||
## rights. | ## rights. | ||||
## NOTE: Corresponding sysents are initialized in sys/kern/uipc_mqueue.c with | |||||
## SYF_CAPENABLED. | |||||
## | ## | ||||
kmq_notify | kmq_notify | ||||
kmq_setattr | kmq_setattr | ||||
kmq_timedreceive | kmq_timedreceive | ||||
kmq_timedsend | kmq_timedsend | ||||
## | ## | ||||
## Allow kqueue(2), we will control use. | ## Allow kqueue(2), we will control use. | ||||
▲ Show 20 Lines • Show All 179 Lines • ▼ Show 20 Lines | |||||
sched_getscheduler | sched_getscheduler | ||||
sched_rr_get_interval | sched_rr_get_interval | ||||
sched_setparam | sched_setparam | ||||
sched_setscheduler | sched_setscheduler | ||||
sched_yield | sched_yield | ||||
## | ## | ||||
## Allow I/O-related file descriptors, subject to capability rights. | ## Allow I/O-related file descriptors, subject to capability rights. | ||||
## NOTE: Corresponding sysents are initialized in sys/netinet/sctp_syscalls.c | |||||
## with SYF_CAPENABLED. | |||||
## | ## | ||||
sctp_generic_recvmsg | sctp_generic_recvmsg | ||||
sctp_generic_sendmsg | sctp_generic_sendmsg | ||||
sctp_generic_sendmsg_iov | sctp_generic_sendmsg_iov | ||||
sctp_peeloff | sctp_peeloff | ||||
## | ## | ||||
## Allow pselect(2) and select(2), which will be scoped by capability rights. | ## Allow pselect(2) and select(2), which will be scoped by capability rights. | ||||
▲ Show 20 Lines • Show All 187 Lines • Show Last 20 Lines |