From cd03b6d85930eaf8f68240cd3e91a6bcf5035c53 Mon Sep 17 00:00:00 2001
From: Holger Dengler <dengler@linutronix.de>
Date: Fri, 28 Oct 2016 16:57:24 +0200
Subject: security: Review findings (Holger, John)

Signed-off-by: Holger Dengler <dengler@linutronix.de>
---
 security/advanced/frm_capabilities.tex | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'security/advanced/frm_capabilities.tex')

diff --git a/security/advanced/frm_capabilities.tex b/security/advanced/frm_capabilities.tex
index 5acd8e9..d4a2890 100644
--- a/security/advanced/frm_capabilities.tex
+++ b/security/advanced/frm_capabilities.tex
@@ -205,7 +205,7 @@ Scenario for dropping capabilities in suid-root processes
  \item effective: drop all
  \item permitted: keep only required
  \end{itemize}
-\item set SEC\_KEEP\_CAPS (prctl(PR\_SET\_KEEPCAPS, 1))
+\item preserve capabilities (prctl(PR\_SET\_KEEPCAPS, 1))
 \item set all UIDs to non-zero
 \item raise capability in effecive set before calling a privileged syscall
 \item drop capability from effective set after syscall
-- 
cgit v1.2.3