capabilities.7: Reword a bad sentence in description of capability bounding set.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
author: Nicolas Fran�ois <nicolas.francois@centraliens.net> 2009-09-28 12:44:05 +0200
committer: Michael Kerrisk <mtk.manpages@gmail.com> 2009-09-28 12:46:31 +0200
commit: 576b0bccd1d120880c5d3bbf252c8ac66245103a (patch)
tree: e459b8d54b6eac8b9d8281bac8882ebbe5158141
parent: 4d1de263eb632b7727888d983b3990621eb43aad (diff)
download: man-pages-576b0bccd1d120880c5d3bbf252c8ac66245103a.tar.gz
1 files changed, 4 insertions, 3 deletions
diff --git a/man7/capabilities.7 b/man7/capabilities.7
index 707370e291..94d8629da5 100644
--- a/man7/capabilities.7
+++ b/man7/capabilities.7
@@ -596,9 +596,10 @@ capabilities that may be granted by an executable file.
 The capability bounding set acts as a limiting superset for
 the capabilities that a thread can add to its inheritable set using
 .BR capset (2).
-This means that if the capability is not in the bounding set,
-then a thread can't add one of its permitted capabilities to its
-inheritable set and thereby have that capability preserved in its
+This means that if a capability is not in the bounding set,
+then a thread can't add this capability to its
+inheritable set, even if it was in its permitted capabilities,
+and thereby cannot have this capability preserved in its
 permitted set when it
 .BR execve (2)s
 a file that has the capability in its inheritable set.
author	Nicolas Fran�ois <nicolas.francois@centraliens.net>	2009-09-28 12:44:05 +0200
committer	Michael Kerrisk <mtk.manpages@gmail.com>	2009-09-28 12:46:31 +0200
commit	576b0bccd1d120880c5d3bbf252c8ac66245103a (patch)
tree	e459b8d54b6eac8b9d8281bac8882ebbe5158141
parent	4d1de263eb632b7727888d983b3990621eb43aad (diff)
download	man-pages-576b0bccd1d120880c5d3bbf252c8ac66245103a.tar.gz