[PATCH 4/4] cap_get_proc.3: change "current process" to "calling process"

Andrew G. Morgan morgan at kernel.org
Thu Jun 11 15:59:12 UTC 2020


Thanks. All applied:

https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=589f1f1624528a5153e27f6c54ae49d7beaa183f

Cheers

Andrew

On Tue, Jun 9, 2020 at 11:57 PM Michael Kerrisk (man-pages)
<mtk.manpages at gmail.com> wrote:
>
> The term "current process" is kernel-developer speak that is often not
> understood by user-space programmers. Change to "calling process",
> which is clearer.
>
> Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages at gmail.com>
> ---
>  doc/cap_get_proc.3 | 20 ++++++++++----------
>  1 file changed, 10 insertions(+), 10 deletions(-)
>
> diff --git a/doc/cap_get_proc.3 b/doc/cap_get_proc.3
> index 0238601..b0a61d1 100644
> --- a/doc/cap_get_proc.3
> +++ b/doc/cap_get_proc.3
> @@ -89,7 +89,7 @@ file.
>  with a
>  .I  cap
>  as an argument returns the current value of this bounding set
> -capability flag in effect for the current process. This operation is
> +capability flag in effect for the calling process. This operation is
>  unprivileged. Note, a macro function
>  .BR "CAP_IS_SUPPORTED(cap_value_t " cap )
>  is provided that evaluates to true (1) if the system supports the
> @@ -122,11 +122,11 @@ capability set must have a raised
>  .BR CAP_SETPCAP .
>  Further, to raise a specific ambient capability the
>  .IR inheritable " and " permitted
> -sets of the current process must contain the specified capability, and
> +sets of the calling process must contain the specified capability, and
>  raised ambient bits will only be retained as long as this remains true.
>  .PP
>  .BR cap_reset_ambient ()
> -resets all of the ambient capabilities for the current process to
> +resets all of the ambient capabilities for the calling process to
>  their lowered value. To complete successfully, the prevailing
>  .I effective
>  capability set must have a raised
> @@ -139,12 +139,12 @@ changes to the inheritable set by the program code without explicitly
>  fixing up the ambient set can also drop ambient bits.
>  .PP
>  .BR cap_get_secbits ()
> -returns the securebits of the current process. These bits affect the
> -way in which the current process implements things like setuid-root
> +returns the securebits of the calling process. These bits affect the
> +way in which the calling process implements things like setuid-root
>  fixup and ambient capabilities.
>  .PP
>  .BR cap_set_secbits ()
> -attempts to modify the securebits of the current process. Note
> +attempts to modify the securebits of the calling process. Note
>  .B CAP_SETPCAP
>  must be in the effective capability set for this to be effective. Some
>  settings lock the sub-states of the securebits, so attempts to set values
> @@ -274,13 +274,13 @@ attempts to set the capabilities of some other process(es),
>  If
>  .I pid
>  is positive it refers to a specific process;  if it is zero, it refers
> -to the current process; \-1 refers to all processes other than the
> -current process and process '1' (typically
> +to the calling process; \-1 refers to all processes other than the
> +calling process and process '1' (typically
>  .BR init (8));
>  other negative values refer to the
>  .I \-pid
>  process group.  In order to use this function, the kernel must support
> -it and the current process must have
> +it and the calling process must have
>  .B CAP_SETPCAP
>  raised in its Effective capability set. The capabilities set in the
>  target process(es) are those contained in
> @@ -288,7 +288,7 @@ target process(es) are those contained in
>  Kernels that support filesystem capabilities redefine the semantics of
>  .B CAP_SETPCAP
>  and on such systems this function will always fail for any target not
> -equal to the current process.
> +equal to the calling process.
>  .BR capsetp ()
>  returns zero for success, and \-1 on failure.
>
> --
> 2.26.2
>



More information about the Linux-security-module-archive mailing list