commit | 149afc688a53839e57ca541dfa1f84c946bb6399 | [log] [tgz] |
---|---|---|
author | Dan Walsh <dwalsh@redhat.com> | Mon Jun 13 13:24:38 2011 -0400 |
committer | Eric Paris <eparis@redhat.com> | Fri Aug 26 14:28:23 2011 -0400 |
tree | f5174dea53b41b8c89d6418f1db8eb398e032c47 | |
parent | d6c09608cd6a1c29fa2befd1b9769350f3bdee50 [diff] |
policycoreutils: sandbox: add -C option to not drop all capabilities Some sandbox might want to be able to run a suid app. Add the -C option to allow capabilities to stay in the bounding set, and thus be allowed inside the sandbox. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>