Capsicum not enabled by default on ARM

I submitted this a while back, but never heard back:

What concerns me about this is that cap_enter() doesn't kill the program if it's disabled. I don't think any compiler warnings are sent, nor anything at run time. It just silently doesn't work, which I don't like as Capsicum is being utilized more and more, and if it's not working, it should be thoroughly known and documented.

To be clear, I can compile a program that calls cap_enter() on ARM, it will build and run, but never "work" if you actually test for the functionality. It just silently doesn't work.

Of course if it can be enabled, that would also be great. But making it more obvious when it's not working and enabling it on ARM, seems the most ideal to me.

Not really sure where/how to pursue this further.

Funny how things happen bunched up. I just added cap_enter() in some program, and it did nothing, except return -1. (After adding the options and rebooting, it returned 0, and things broke here and there as expected).

Shouldn't you be testing it yourself? if (cap_enter()) abort(); ?


Couldn't help checking, syscall(out_of_range); results in SIGSYS, around 550.