since SELinux limited process security transitions to execve (2) (see the description of /proc ... assign to the process upon a subsequent execve (2). In SELinux, this is neededchildren can never gain new privileges through execve() (e.g. via setuid or setgid bits ... still possible that the subsequent execve() may fail if the policy does not allowparticular before the new process has called execve() to invoke the actual service binary). Typically ... will not proceed before both fork() and execve() in the service process su…currently executing program was started via execve (2). The entries are separated by null bytes ... /proc/1/environ | tr '\000' '\n' If, after an execve (2), the process modifies i…size (1), strings (1), strip (1), execve (2), dl_iterate_phdr (3), core (5), ld.sochildren can never gain new privileges through execve (2) (e.g. via setuid or setgid bitschildren can never gain new privileges through execve (2) (e.g. via setuid or setgid bitscapabilities permitted to a process during execve (2). Starting with Linux 2.6.25, the system-wide/proc/ pid /cmdline file. If, after an execve (2), the process modifies its argv stringschildren can never gain new privileges through execve (2) (e.g. via setuid or setgid bitschildren can never gain new privileges through execve (2) (e.g. via setuid or setgid bitsrecorded regardless if the immediately following execve() system call succeeds or fails). This is often