Update comments on ambient caps to point to bug

PiperOrigin-RevId: 376747671

2 files changed, 2 insertions, 2 deletions

diff --git a/pkg/sentry/kernel/auth/credentials.go b/pkg/sentry/kernel/auth/credentials.go
index 6862f2ef5..3325fedcb 100644
--- a/pkg/sentry/kernel/auth/credentials.go
+++ b/pkg/sentry/kernel/auth/credentials.go
@@ -125,7 +125,7 @@ func NewUserCredentials(kuid KUID, kgid KGID, extraKGIDs []KGID, capabilities *T
 		creds.EffectiveCaps = capabilities.EffectiveCaps
 		creds.BoundingCaps = capabilities.BoundingCaps
 		creds.InheritableCaps = capabilities.InheritableCaps
-		// TODO(nlacasse): Support ambient capabilities.
+		// TODO(gvisor.dev/issue/3166): Support ambient capabilities.
 	} else {
 		// If no capabilities are specified, grant capabilities consistent with
 		// setresuid + setresgid from NewRootCredentials to the given uid and
diff --git a/runsc/specutils/specutils.go b/runsc/specutils/specutils.go
index 11b476690..c228d6299 100644
--- a/runsc/specutils/specutils.go
+++ b/runsc/specutils/specutils.go
@@ -246,7 +246,7 @@ func Capabilities(enableRaw bool, specCaps *specs.LinuxCapabilities) (*auth.Task
 		if caps.PermittedCaps, err = capsFromNames(specCaps.Permitted, skipSet); err != nil {
 			return nil, err
 		}
-		// TODO(nlacasse): Support ambient capabilities.
+		// TODO(gvisor.dev/issue/3166): Support ambient capabilities.
 	}
 	return &caps, nil
 }