
g0xA52A2A today at 7:43 PM

You may be interested in OpenBSD's pledge[1][2][3].

> Why trust a program to set its own capabilities?

An example may be that a program starts needing a wide range of capabilities but can then ratchet down to a reduced set once running, aka "privdrop".

> why isn't there a way to set capabilities from the parent process when execing?

There have been replies about other systems, so just to stick with pledge: it provides the ability to set "execpromises" to do this.

[1] https://man.openbsd.org/pledge

[2] https://www.openbsd.org/papers/eurobsdcon2017-pledge.pdf

[3] https://www.openbsd.org/papers/BeckPledgeUnveilBSDCan2018.pd...
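The two phases described above (pledge wide, then ratchet down and hand a fixed promise set to a child via execpromises), as an added example in C that is not part of the comment or of OpenBSD's own code. It assumes an OpenBSD host for the real pledge(2); on other hosts a clearly marked stub stands in so the code compiles, while the `promises_narrow` check (the commenter never mentions it; it mirrors the rule that pledge can only reduce promises) runs for real everywhere.

```c
#include <string.h>
#include <unistd.h>

#ifndef __OpenBSD__
/* Assumed stub so the example compiles off OpenBSD; it enforces nothing. */
static int pledge(const char *promises, const char *execpromises)
{ (void)promises; (void)execpromises; return 0; }
#endif

/* Return 1 if every space-separated token in `narrow` is a whole token of
 * `wide`. pledge(2) can only reduce promises, never regain them, so this
 * catches an accidental widening before the kernel rejects it. */
static int promises_narrow(const char *narrow, const char *wide)
{
    char buf[256];
    const char *tok;
    if (strlen(narrow) >= sizeof buf) return 0;
    strcpy(buf, narrow);
    for (tok = strtok(buf, " "); tok != NULL; tok = strtok(NULL, " ")) {
        size_t n = strlen(tok);
        const char *p = wide;
        int found = 0;
        while ((p = strstr(p, tok)) != NULL) {
            /* match only whole tokens: "path" must not match inside "rpath" */
            if ((p == wide || p[-1] == ' ') && (p[n] == '\0' || p[n] == ' ')) { found = 1; break; }
            p += n;
        }
        if (!found) return 0;
    }
    return 1;
}

/* Privdrop: pledge wide for setup, ratchet down, then (optionally) exec a
 * child whose promise set the parent fixes through execpromises. Returns 0
 * when the drop succeeded and no exec was requested, -1 on any failure. */
static int privdrop_and_exec(const char *wide, const char *narrow,
                             const char *child_execpromises, char *const argv[])
{
    if (pledge(wide, NULL) == -1) return -1;       /* phase 1: broad promises */
    /* ... privileged setup (bind sockets, read config) would go here ... */
    if (!promises_narrow(narrow, wide)) return -1; /* never widen */
    if (pledge(narrow, child_execpromises) == -1) return -1; /* phase 2 */
    if (argv == NULL) return 0;
    execv(argv[0], argv);   /* new image starts with child_execpromises */
    return -1;              /* only reached if execv failed */
}
```

Keep "exec" in the narrowed set if the process still needs to execve; the execpromises string only takes effect in the new image.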


Replies

adiabatichottub today at 8:06 PM

I think you're talking about "execpromises"?[1] I'll have to study it a bit.

[1] https://bsdb0y.github.io/posts/openbsd-intro-to-update-on-pl...