From 98c7a036906b9d6d0e2609073e371943295e651f Mon Sep 17 00:00:00 2001
From: Michael Meeks <michael.meeks@collabora.com>
Date: Tue, 5 Jan 2021 18:46:57 +0000
Subject: Drop cap_chown after use.

Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Change-Id: If5bb5727b8842f30b60f4c9cee392f94d1984dca
---
 kit/Kit.cpp | 1 +
 1 file changed, 1 insertion(+)

(limited to 'kit')

diff --git a/kit/Kit.cpp b/kit/Kit.cpp
index be44f28a34..3c0951cc96 100644
--- a/kit/Kit.cpp
+++ b/kit/Kit.cpp
@@ -2360,6 +2360,7 @@ void lokit_main(
             dropCapability(CAP_SYS_CHROOT);
             dropCapability(CAP_MKNOD);
             dropCapability(CAP_FOWNER);
+            dropCapability(CAP_CHOWN);
 #else
             cap_enter();
 #endif
-- 
cgit