pub fn clear() -> Result<()>
Clear the current thread’s ambient capability set.
This is a single prctl() call (PR_CAP_AMBIENT_CLEAR_ALL) that removes all capabilities supported by the kernel from the ambient set.
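The same operation written as a direct prctl() call and then read back from procfs, as an added example that is not this crate's source or documentation. The constant values come from `<linux/prctl.h>`; the helper names, the constructed sample status text and the use of `/proc/thread-self/status` for verification are assumptions of this example.

```rust
use std::fs;
use std::io;
use std::os::raw::{c_int, c_ulong};

// Values from <linux/prctl.h> (ambient capabilities need Linux 4.3+).
const PR_CAP_AMBIENT: c_int = 47;
const PR_CAP_AMBIENT_CLEAR_ALL: c_ulong = 4;
const ZERO: c_ulong = 0;

extern "C" {
    fn prctl(option: c_int, ...) -> c_int;
}

/// Hypothetical helper: the raw form of the single call described above.
fn clear_ambient() -> io::Result<()> {
    // arg3..arg5 must all be zero, otherwise the kernel rejects the call with EINVAL.
    let rc = unsafe { prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_CLEAR_ALL, ZERO, ZERO, ZERO) };
    if rc == 0 { Ok(()) } else { Err(io::Error::last_os_error()) }
}

/// Extract the ambient mask from status text (line format: "CapAmb:\t<hex>").
fn parse_cap_amb(status: &str) -> Option<u64> {
    status
        .lines()
        .find_map(|line| line.strip_prefix("CapAmb:"))
        .and_then(|hex| u64::from_str_radix(hex.trim(), 16).ok())
}

/// Ambient mask of the calling thread. The set is per thread, so this reads
/// /proc/thread-self rather than /proc/self (which reports the main thread).
fn current_ambient_mask() -> Option<u64> {
    parse_cap_amb(&fs::read_to_string("/proc/thread-self/status").ok()?)
}

fn main() {
    // Constructed sample: a thread holding CAP_NET_BIND_SERVICE (bit 10) as ambient.
    let sample = "Name:\tdemo\nCapPrm:\t0000000000000400\nCapAmb:\t0000000000000400\n";
    println!("sample CapAmb = {:#x}", parse_cap_amb(sample).unwrap());

    // Clear before exec'ing a helper so it cannot inherit ambient capabilities,
    // then confirm the mask really is zero instead of trusting the return code.
    match clear_ambient() {
        Ok(()) => println!("after clear: {:?}", current_ambient_mask()),
        Err(e) => eprintln!("PR_CAP_AMBIENT_CLEAR_ALL failed: {}", e),
    }
}
```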