summaryrefslogtreecommitdiff
path: root/security/advanced/frm_capabilities.tex
diff options
context:
space:
mode:
Diffstat (limited to 'security/advanced/frm_capabilities.tex')
-rw-r--r--security/advanced/frm_capabilities.tex2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/advanced/frm_capabilities.tex b/security/advanced/frm_capabilities.tex
index 5acd8e9..d4a2890 100644
--- a/security/advanced/frm_capabilities.tex
+++ b/security/advanced/frm_capabilities.tex
@@ -205,7 +205,7 @@ Scenario for dropping capabilities in suid-root processes
\item effective: drop all
\item permitted: keep only required
\end{itemize}
-\item set SEC\_KEEP\_CAPS (prctl(PR\_SET\_KEEPCAPS, 1))
+\item preserve capabilities (prctl(PR\_SET\_KEEPCAPS, 1))
\item set all UIDs to non-zero
\item raise capability in effecive set before calling a privileged syscall
\item drop capability from effective set after syscall
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-10 10:17:39 +0000