Pavel Machek wrote: > On Wed 19-04-06 17:01:53, Lukasz Stelmach wrote: >> Greetings All. >> >> I've found a strange phenomenon associated with capabilities. It seems to be a >> quantum like. >> >> when I run (as root) >> >> delfin:~# /usr/sbin/execcap '= cap_net_raw=ep' /bin/sh -c 'getpcaps $$' >> Capabilities for `2438': =ep cap_setpcap-ep >> >> I don't know what really happens to those capablities I zero. And I can't really >> figure out for when I try the wavefunction collapses >> >> delfin:~# strace -o /dev/null /usr/sbin/execcap '= cap_net_raw=ep' /bin/sh -c \ >> 'getpcaps $$' >> Capabilities for `2461': = cap_net_raw+ep >> >> Strange isn't it? Does it mean that processes can't really drop their privileges? > > Is execcap setuid? strace does not work over setuid... No it's not. And even if it was it sholudn't make any difference when I run execcap logged in as root. -- Było mi bardzo miło. Czwarta pospolita klęska, [...] >Łukasz< Już nie katolicka lecz złodziejska. (c)PP
Attachment:
signature.asc
Description: OpenPGP digital signature
- References:
- quantum capabilities
- From: Lukasz Stelmach <[email protected]>
- Re: quantum capabilities
- From: Pavel Machek <[email protected]>
- quantum capabilities
- Prev by Date: Re: unix socket connection tracking
- Next by Date: Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- Previous by thread: Re: quantum capabilities
- Next by thread: [PATCH] dvb-core: ULE fixes and RFC4326 additions (kernel 2.6.16)
- Index(es):
 |