Bruno Haible <[EMAIL PROTECTED]> writes: > - The code uses the Solaris 10 APIs. How about also using the Linux API > for "capabilities" - capget() - that was added in Linux 2.2 and glibc-2.1.x?
Thanks, I wasn't aware of this API. That would be nice to add. > - If priv_allocset fails, the function returns false without considering > geteuid (). > - If getppriv fails, the function also returns false without considering > geteuid (). Yes, that's intentional. If priv_allocset exists, we are on a system where even root might not have the privileges. So if priv_allocset fails we should not fall back on geteuid; we should simply return 0. Similarly for the case where getppriv fails. > And if priv_allocset succeeds, it will not cache the result, > but instead redo the same system calls next time. Is this intentional? I don't follow this point; it looks to me like it caches. Perhaps it's the "else #else" which confused you? (It certainly confuses me...)
