Capability algorithm change
The capability inheritance algorithm changed during the testing phase,
after the first version of the LinSec specification had been written. It
has been decided to leave the original document unchanged and to publish
all the changes as a set of separate documents.
The new capability inheritance algorithm, implemented in the function
linsec_compute_creds in kernel/linsec_exec.c, is as follows:
I* = I & fA
P* = (fF | (I* | uP)) & uB & gB
E* = P* & fE
where I*, P* and E* are the new inheritable, permitted and effective
capability sets respectively, I is the executing process' inheritable
set, fA, fF and fE are the executed file's allowed, forced and effective
capability sets, uB is the user bounding set and gB is the global
bounding set.
The change in semantics is that inheritance is now controlled both by the
executing process' inheritable set and by the allowed set of the executed
program. In this way, the capabilities a program inherits can be controlled
from both sides.
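The three formulas above, worked through on bitmask capability sets. This is an added illustration, not the LinSec kernel code; set names follow the document, uP is passed through as an input set exactly as it appears in the formula (the page does not define it), and the capability bit numbers used in main() are the standard Linux ones (CAP_CHOWN = 0, CAP_NET_BIND_SERVICE = 10, CAP_SYS_ADMIN = 21).

```c
#include <stdint.h>
#include <stdio.h>

/* A capability set is a 64-bit mask: bit n set means capability n is held. */
typedef uint64_t capset_t;
#define CAP_BIT(n) ((capset_t)1 << (n))
#define CAP_ALL    (~(capset_t)0)

struct creds { capset_t inh, perm, eff; };

/* Compute the new credentials of a process executing a file, following
 * the document's formulas. Inputs: I = executing process' inheritable set,
 * uP = the "uP" set of the formula (taken as given), fA/fF/fE = file
 * allowed/forced/effective sets, uB = user bounding set, gB = global
 * bounding set. */
struct creds linsec_new_creds(capset_t I, capset_t uP,
                              capset_t fA, capset_t fF, capset_t fE,
                              capset_t uB, capset_t gB)
{
    struct creds n;
    n.inh  = I & fA;                          /* I* = I & fA            */
    n.perm = (fF | (n.inh | uP)) & uB & gB;   /* P* = (fF|(I*|uP))&uB&gB */
    n.eff  = n.perm & fE;                     /* E* = P* & fE           */
    return n;
}

int main(void)
{
    /* Constructed sample: the process holds NET_BIND_SERVICE and SYS_ADMIN
     * as inheritable, but the file only allows NET_BIND_SERVICE to be
     * inherited; the file forces CHOWN and SYS_ADMIN, but the user bounding
     * set excludes SYS_ADMIN, so it never reaches the permitted set. */
    struct creds c = linsec_new_creds(
        CAP_BIT(10) | CAP_BIT(21),      /* I  */
        0,                              /* uP */
        CAP_BIT(10),                    /* fA */
        CAP_BIT(0) | CAP_BIT(21),       /* fF */
        CAP_BIT(0),                     /* fE */
        CAP_ALL & ~CAP_BIT(21),         /* uB: everything except SYS_ADMIN */
        CAP_ALL);                       /* gB */
    printf("I* = 0x%llx\n", (unsigned long long)c.inh);   /* 0x400 */
    printf("P* = 0x%llx\n", (unsigned long long)c.perm);  /* 0x401 */
    printf("E* = 0x%llx\n", (unsigned long long)c.eff);   /* 0x1   */
    return 0;
}
```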