path: root/community/gsoc/project_ideas/libcap/details.mdwn
diff options
authorThomas Schwinge <>2010-11-29 13:41:16 +0100
committerThomas Schwinge <>2010-11-29 13:41:16 +0100
commit38368072b37bf73dda26dac536e4aa6cf13c67e4 (patch)
tree383fb519f01899f394dafb52052227773a31e964 /community/gsoc/project_ideas/libcap/details.mdwn
parent6de855d9a8f8c25ffe6ad118012bd9a74e6c13fe (diff)
system_call: New.
Diffstat (limited to 'community/gsoc/project_ideas/libcap/details.mdwn')
1 files changed, 4 insertions, 4 deletions
diff --git a/community/gsoc/project_ideas/libcap/details.mdwn b/community/gsoc/project_ideas/libcap/details.mdwn
index aa27a84..8569597 100644
--- a/community/gsoc/project_ideas/libcap/details.mdwn
+++ b/community/gsoc/project_ideas/libcap/details.mdwn
@@ -5,8 +5,8 @@ id="license" text="Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation License, Version 1.2 or
any later version published by the Free Software Foundation; with no Invariant
Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license
-is included in the section entitled
-[[GNU Free Documentation License|/fdl]]."]]"""]]
+is included in the section entitled [[GNU Free Documentation
[[!meta title="Details on implementing libcap"]]
@@ -59,7 +59,7 @@ Each process has a three bit fields representing each of the three
sets (P, E and I). Each bit field is currently built up of two (32
bit) integers to be able to hold the 33 currently defined capabilities
(see linux/capability.h). Each process further has a bounding set which
-bounds the permitted set. Two syscalls handles the setting and getting
+bounds the permitted set. Two [[system call]]s handles the setting and getting
of capabilities; *capset* and *capget*. Some related functionality
can also be controlled by calling *prctl*: the right to read/drop the
bounding capabilities (PR_CAPBSET_READ/PR_CAPBSET_DROP) and whether
@@ -428,7 +428,7 @@ the following (also detailed somewhat in the same article):
* Execute process as root (or setuid) to gain all capabilities.
-* Use the prctl system call to enable keepcaps for the process
+* Use the prctl [[system call]] to enable keepcaps for the process
(same(?) effect as enabling SECURE_NO_SETUID_FIXUP for the process).
keepcaps should be off by default.