diff options
| author | Ed Maste <emaste@FreeBSD.org> | 2022-04-19 19:44:46 +0000 |
|---|---|---|
| committer | Ed Maste <emaste@FreeBSD.org> | 2022-04-26 00:55:12 +0000 |
| commit | 870735c46b15feb7bac967b73c548f3732a7a545 (patch) | |
| tree | 651d532670491a4706205727257d5d836608db87 | |
| parent | d818ef7df7330e8b3aac43f5160e102d6a702862 (diff) | |
| download | src-870735c46b15feb7bac967b73c548f3732a7a545.tar.gz src-870735c46b15feb7bac967b73c548f3732a7a545.zip | |
capsicum: briefly describe capabilities in man page
Provide a very brief introduction to capabilities, using a couple of
sentences from David Chisnall's mailing list response[1] to a question
about Linux capabilities and Capsicum.
Mailing list subject (in case the archive URL changes) was
Re: Linux capabilities to Capsicum
[1] https://lists.freebsd.org/archives/freebsd-hackers/2022-April/001032.html
Reviewed by: oshogbo
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D34945
(cherry picked from commit 1f568792c6156988d357ea31a36d77ed11cc9a2d)
| -rw-r--r-- | share/man/man4/capsicum.4 | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/share/man/man4/capsicum.4 b/share/man/man4/capsicum.4 index 0dbd3067e0ea..d9ff9c489fd0 100644 --- a/share/man/man4/capsicum.4 +++ b/share/man/man4/capsicum.4 @@ -26,7 +26,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 18, 2017 +.Dd April 19, 2022 .Dt CAPSICUM 4 .Os .Sh NAME @@ -39,6 +39,11 @@ .Nm is a lightweight OS capability and sandbox framework implementing a hybrid capability system model. +Capabilities are unforgeable tokens of authority that can be delegated and must +be presented to perform an action. +.Nm +makes file descriptors into capabilities. +.Pp .Nm can be used for application and library compartmentalisation, the decomposition of larger bodies of software into isolated (sandboxed) |