HomeFreeBSD

rights.4: various corrections on capability rights

Description

rights.4: various corrections on capability rights

  • A file descriptor obtained from accept(2), accept4(2) and openat(2) is not always assigned all capability rights. Instead, it inherits capability rights from the "parent" socket/dir file descriptor.
  • getdents(2) and getdirentries(2) requires CAP_READ.
  • openat(2) with O_WRONLY|O_TRUNC does not require CAP_SEEK.

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1207

Details

Provenance
CismonX <admin@cismon.net>Authored on Apr 29 2024, 4:48 AM
impCommitted on Apr 29 2024, 4:48 AM
Parents
rG78444b5ade65: glabel: Add support for Linux swap
Branches
Unknown
Tags
Unknown