Linux's Security Capabilities: Capabilities: Setting capabilities to processes

Linux's Security Capabilities

2.4 Setting capabilities to processes

Use the execcap utility to start a process with a limited set of capabilities:
- execcap <caps> <command-path> command-args...
  - Will execute a tamagoshi server on priviliged port 999.
  - Process runs as root but can only use priviliged ports
  - If a vulnerability appears in the server, it could be used to gain access to files owned by root.
Use the sucap utility to start a process with a limited set of capabilities and to specify the user and group ID the program should execute as:
- sucap <user> <group> <caps> <command-path> command-args...
  - Will execute a tamagoshi server as user tama of group tama but has capability to open priviliges port
  - If a vulnerability appears in the server, it will only enable access to files owned by tama
  - Caution: In some cases the file will start executing itself without having it's capabilities granted. This will disapear as soon as capabilities will be managed at the file level.

Linux's Security Capabilities

® © Hervé Schauer Consultants 2000 - 4 bis, rue de la gare - 92300 Levallois-Perret
Phone : +33 141 409 700 - Fax : +33 141 409 709 - Email : <secretariat@hsc.fr>