pub fn drop(
tid: Option<i32>,
cset: CapSet,
cap: Capability,
) -> Result<(), CapsError>Expand description
Drop a single capability from a set for a thread.
Capabilities cap will be dropped from set cset of thread tid.
If tid is None, this operates on current thread (tid=0).
It cannot manipulate Ambient and Bounding sets of other processes.