K 10
svn:author
V 3
pjd
K 8
svn:date
V 27
2011-03-21T21:31:50.991596Z
K 7
svn:log
V 339
When dropping privileges prefer capsicum over chroot+setgid+setuid.
We can use capsicum for secondary worker processes and hastctl.
When working as primary we drop privileges using chroot+setgid+setuid
still as we need to send ioctl(2)s to ggate device, for which capsicum
doesn't allow (yet).

X-MFC after:	capsicum is merged to stable/8

END