2017-11-09 18:29:34

by Chris Hyser

Subject: Re: [kernel-hardening] Re: [PATCH resend 2/2] userns: control capabilities of some user namespaces

On 11/09/2017 01:05 PM, Serge E. Hallyn wrote:
> Would the existing capability bounding set not suffice for that?
>
> The 'permanent' bounding set turns out to not be a good fit for
> the problem being discussed in this thread, but please feel free
> to start a new thread if you want to discuss your use case.

Sure. I will formulate something for a new thread. What seems to be
asked for here is a way to globally patch the capability sets of an
entire process subtree.

-chrish

