I wonder if Linux might benefit from looking at OpenBSD's systrace facility. Systrace isn't quite like Linux Capabilities, since it deals with access to system calls rather than underlying actions, but it seems fairly similar on a functional level. Maybe the interface used for systrace could benefit Linux.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds