Index: sys/kern/capabilities.conf
===================================================================
--- sys/kern/capabilities.conf (wersja 243142)
+++ sys/kern/capabilities.conf (kopia robocza)
@@ -337,6 +337,11 @@
 kevent
 ##
+## Allow kill(2), as we allow the process to send signals only to himself.
+##
+kill
+
+##
 ## Allow message queue operations on file descriptors, subject to capability
 ## rights.
 ##
Index: sys/kern/kern_sig.c
===================================================================
--- sys/kern/kern_sig.c (wersja 243142)
+++ sys/kern/kern_sig.c (kopia robocza)
@@ -1678,6 +1678,14 @@
 struct proc *p;
 int error;
+ /*
+ * A process in capability mode can send signals only to himself.
+ * The main rationale behind this is that abort(3) is implemented as
+ * kill(getpid(), SIGABRT).
+ */
+ if (IN_CAPABILITY_MODE(td) && uap->pid != td->td_proc->p_pid)
+ return (ECAPMODE);
+
 AUDIT_ARG_SIGNUM(uap->signum);
 AUDIT_ARG_PID(uap->pid);
 if ((u_int)uap->signum > _SIG_MAXSIG)
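Review bot: The new capabilities.conf entry says signals may go "only to himself" but does not say where that is enforced or what happens to the other kill(2) target forms, so a reader auditing the sandbox policy has to find the kern_sig.c check on their own. I would expand the comment to `## Allow kill(2); in capability mode sys_kill() rejects any target other than the caller's own pid (including pid 0 and negative process-group targets) with ECAPMODE.` The enforcing function itself is in the kern_sig.c hunk of this same change.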
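Review bot: The capability-mode check returns ECAPMODE before `AUDIT_ARG_SIGNUM(uap->signum)` and `AUDIT_ARG_PID(uap->pid)` run, so a denied cross-process kill from a sandboxed process produces an audit record without the target pid or signal number, which is exactly the case an operator would want attributable. Moving the two added lines `if (IN_CAPABILITY_MODE(td) && uap->pid != td->td_proc->p_pid)` / `return (ECAPMODE);` to just after the two AUDIT_ARG_* calls and before the `_SIG_MAXSIG` test keeps the denial fully logged without changing what is allowed. The comparison against td->td_proc->p_pid also rejects pid 0 and negative process-group targets, which is the safe reading of the policy; the comment could state that explicitly, e.g. `* Process-group targets (pid <= 0) are rejected as well.`, and "himself" should read "itself". The enclosing function (it appears to be sys_kill, but its signature is not in the hunk) starts before the hunk and continues past it.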