39 CAPABILITIES 797 39.1
Rationale for Capabilities ........................................................................................... 797
39.2
The Linux Capabilities ................................................................................................ 798
39.3
Process and File Capabilities ...................................................................................... 798
39.3.1
Process Capabilities .............................................................................. 798
39.3.2
File Capabilities.................................................................................... 799
39.3.3
Purpose of the Process Permitted and Effective Capability Sets.................... 802
39.3.4
Purpose of the File Permitted and Effective Capability Sets ......................... 802
39.3.5
Purpose of the Process and File Inheritable Sets ........................................ 802
39.3.6
Assigning and Viewing File Capabilities from the Shell.............................. 803
39.4
The Modern Capabilities Implementation...................................................................... 804
39.5
Transformation of Process Capabilities During
exec()
...................................................... 805
39.5.1
Capability Bounding Set ........................................................................ 805
39.5.2
Preserving
root
Semantics ...................................................................... 806
39.6
Effect on Process Capabilities of Changing User IDs ...................................................... 806
39.7
Changing Process Capabilities Programmatically .......................................................... 807
39.8
Creating Capabilities-Only Environments...................................................................... 811
39.9
Discovering the Capabilities Required by a Program...................................................... 813
39.10 Older Kernels and Systems Without File Capabilities ..................................................... 814
39.11 Summary.................................................................................................................. 816
39.12 Exercise ................................................................................................................... 816