From afcc78aae356c287177b2ed71f3448258a323fbd Mon Sep 17 00:00:00 2001 From: T K Sourabh Date: Thu, 21 Dec 2017 15:58:26 +0530 Subject: [PATCH] Corrected descriptions for MAC_ADMIN and MAC_OVERRIDE The description for capabilities are mismatched for MAC_ADMIN and MAC_OVERRIDE. Signed-off-by: T K Sourabh --- docs/reference/run.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/reference/run.md b/docs/reference/run.md index 66bd878b19..b65504b62b 100644 --- a/docs/reference/run.md +++ b/docs/reference/run.md @@ -1198,8 +1198,8 @@ The next table shows the capabilities which are not granted by default and may b | SYS_TIME | Set system clock (settimeofday(2), stime(2), adjtimex(2)); set real-time (hardware) clock. | | SYS_TTY_CONFIG | Use vhangup(2); employ various privileged ioctl(2) operations on virtual terminals. | | AUDIT_CONTROL | Enable and disable kernel auditing; change auditing filter rules; retrieve auditing status and filtering rules. | -| MAC_OVERRIDE | Allow MAC configuration or state changes. Implemented for the Smack LSM. | -| MAC_ADMIN | Override Mandatory Access Control (MAC). Implemented for the Smack Linux Security Module (LSM). | +| MAC_ADMIN | Allow MAC configuration or state changes. Implemented for the Smack LSM. | +| MAC_OVERRIDE | Override Mandatory Access Control (MAC). Implemented for the Smack Linux Security Module (LSM). | | NET_ADMIN | Perform various network-related operations. | | SYSLOG | Perform privileged syslog(2) operations. | | DAC_READ_SEARCH | Bypass file read permission checks and directory read and execute permission checks. |