[sclug] root-like read-all but not write ability?

John Stumbles john at stumbles.org.uk
Thu Sep 6 09:05:19 UTC 2007

[Reply to email sent to me not to list]

Bob Dunlop wrote:
> man 7 capabilities
> man 2 capget
> See also libcap documentation.
> I think CAP_DAC_READ_SEARCH is the one you want.
>   Bypass file read permission checks and directory read and execute
>   permission checks.


A full implementation of capabilities requires:

        2.  that the kernel provide system calls allowing a thread's
            capability sets to be changed and retrieved.

        3.  file system support for attaching capabilities to an
            executable file, so that a process gains those capabilities
            when the file is execed.

<eh? what happened to 1?>

As at Linux 2.6.14, only the first two of these requirements are met.

Eventually, it should be possible to associate three capability sets 
with an executable file, which, in conjunction with the capability 
sets of the thread, will determine the capabilities of a thread after an 
So presumably at some point in the future there will be an extension of 
file attributes (chattr, lsattr) to allow a program to have such 
capabilities when it is run?

>> It's writ in Perl, fwiw
> I guess you'll need to write a C wrapper.

I have enough trouble writing Perl :-(

In any case surely the program would have to be run as (or suid) root 
for the wrapper to set elevated capabilities? At the moment the program 
is barely functional enough for me to use it myself: I'm just thinking 
ahead that if it ever got good enough to be distributed to others it 
would be better if it could be run without dangerously unnecessary 
privileges. However at the rate I'm progressing with it Linux 
'capabilities' will probably be available in the filesystem before my 
prog is ready for human consumption :-)

John Stumbles
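Added example (editor's note, not part of John's or Bob's posts): the capget(2) call Bob points at can be made without libcap, via the raw syscall, so a program can check at startup whether it actually holds CAP_DAC_READ_SEARCH rather than just hoping. The file-capability support the quoted man page describes as future has since landed: on a current kernel `setcap cap_dac_read_search=ep ./prog` grants the bit to an ELF binary without setuid root. The caveat for a Perl program is that file capabilities, like the setuid bit, are ignored on interpreted scripts, so the C wrapper Bob suggests (or a small compiled helper that does only the reading) is still the thing that would carry the capability. The names `read_caps`, `thread_has_cap` and `set_bits` below are this example's own.

```c
/* capcheck.c: inspect the calling thread's capability sets with capget(2)
 * and test whether CAP_DAC_READ_SEARCH is present.  Added example for this
 * thread, not code from the original post.  Build: cc -Wall -o capcheck capcheck.c
 * (no libcap needed: the raw syscall and the kernel's own header are used). */
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <linux/capability.h>

/* Which of the three per-thread sets to examine. */
enum capset { CAP_EFFECTIVE, CAP_PERMITTED, CAP_INHERITABLE };

/* 64-bit view of one set from the two-word v3 layout: bit N set <=> cap N held. */
static uint64_t set_bits(const struct __user_cap_data_struct d[2], enum capset which)
{
    uint32_t lo, hi;
    switch (which) {
    case CAP_EFFECTIVE:   lo = d[0].effective;   hi = d[1].effective;   break;
    case CAP_PERMITTED:   lo = d[0].permitted;   hi = d[1].permitted;   break;
    default:              lo = d[0].inheritable; hi = d[1].inheritable; break;
    }
    return ((uint64_t)hi << 32) | lo;
}

/* Pure helper: is capability number `cap` (0..63) in the 64-bit set `bits`? */
static int cap_in_bits(uint64_t bits, int cap)
{
    if (cap < 0 || cap > 63)
        return 0;
    return (int)((bits >> cap) & 1);
}

/* Fill d[2] with the calling thread's sets via capget(2), version 3 ABI
 * (two 32-bit words per set).  Returns 0 on success, -1 on error. */
static int read_caps(struct __user_cap_data_struct d[2])
{
    struct __user_cap_header_struct hdr;
    memset(&hdr, 0, sizeof hdr);
    hdr.version = _LINUX_CAPABILITY_VERSION_3;
    hdr.pid = 0;                        /* 0 means the calling thread */
    memset(d, 0, 2 * sizeof *d);
    return syscall(SYS_capget, &hdr, d) == 0 ? 0 : -1;
}

/* Does the calling thread hold `cap` in the given set?  1 / 0, or -1 on error. */
static int thread_has_cap(int cap, enum capset which)
{
    struct __user_cap_data_struct d[2];
    if (read_caps(d) != 0)
        return -1;
    return cap_in_bits(set_bits(d, which), cap);
}

/* Kernel invariant: effective is always a subset of permitted.
 * Returns 1 if that holds for the calling thread, 0 if not, -1 on error. */
static int effective_subset_of_permitted(void)
{
    struct __user_cap_data_struct d[2];
    if (read_caps(d) != 0)
        return -1;
    uint64_t eff = set_bits(d, CAP_EFFECTIVE);
    uint64_t perm = set_bits(d, CAP_PERMITTED);
    return (eff & ~perm) == 0;
}

int main(void)
{
    struct __user_cap_data_struct d[2];
    if (read_caps(d) != 0) {
        perror("capget");
        return 1;
    }
    /* Same hex layout as the CapEff/CapPrm/CapInh lines in /proc/self/status. */
    printf("CapEff: %016llx\nCapPrm: %016llx\nCapInh: %016llx\n",
           (unsigned long long)set_bits(d, CAP_EFFECTIVE),
           (unsigned long long)set_bits(d, CAP_PERMITTED),
           (unsigned long long)set_bits(d, CAP_INHERITABLE));
    printf("CAP_DAC_READ_SEARCH effective: %s\n",
           thread_has_cap(CAP_DAC_READ_SEARCH, CAP_EFFECTIVE) == 1 ? "yes" : "no");
    return 0;
}
```

Run it once as an ordinary user, then after `setcap cap_dac_read_search=ep ./capcheck`, and the effective-set line flips without the binary ever being root; the output can be cross-checked against `grep Cap /proc/self/status` for the same shell.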
