|
|
|
|
|
|
by cyphar
3764 days ago
|
|
|
To be clear, what I meant was that the binary privilege model of Unix is a wart when you consider that it groups vastly different operations together. Capabilities are a step in the right direction, but you still have CAP_SYS_ADMIN. |
|
|