2010/12/21 Miloslav Trmač <mitr(a)volny.cz>:
> If an attacker were controlling a process running with uid 0 and no
> capabilities at all, and /bin/sh were 0555, nothing prevents the
> attacker from chmod()ing /bin/sh to 0755 and overwriting it. This makes
> any attempts to change the file permissions rather pointless.

Ah, of course. That makes sense, thanks!
But it leaves me feeling pretty uncertain about the value of trying to
subset capabilities...
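
The permission logic behind the quoted point, as an added example that is not part of the original thread: a simplified Python model of the Linux checks for chmod() (file owner or CAP_FOWNER) and for writing a file (mode bits or CAP_DAC_OVERRIDE). The class and function names and the sample uids are constructed for illustration, and the model ignores immutable flags, read-only mounts and LSM policy; the last sample, a file owned by a different uid, goes beyond the case in the message.

```python
from dataclasses import dataclass

CAP_DAC_OVERRIDE = "CAP_DAC_OVERRIDE"
CAP_FOWNER = "CAP_FOWNER"


@dataclass(frozen=True)
class File:
    uid: int
    gid: int
    mode: int


@dataclass(frozen=True)
class Proc:
    fsuid: int
    groups: frozenset = frozenset()
    caps: frozenset = frozenset()


def may_write(p, f):
    """Write check: exactly one permission class applies (owner, group or
    other); CAP_DAC_OVERRIDE bypasses a denial."""
    if p.fsuid == f.uid:
        bits = f.mode >> 6
    elif f.gid in p.groups:
        bits = f.mode >> 3
    else:
        bits = f.mode
    return bool(bits & 0o2) or CAP_DAC_OVERRIDE in p.caps


def may_chmod(p, f):
    """chmod() is allowed to the file's owner or to a CAP_FOWNER holder."""
    return p.fsuid == f.uid or CAP_FOWNER in p.caps


def can_overwrite(p, f):
    """True if p can write f directly or after widening its mode first."""
    if may_write(p, f):
        return True
    if may_chmod(p, f):
        return may_write(p, File(f.uid, f.gid, f.mode | 0o222))
    return False


# Constructed samples: uid 0 with an empty capability set, and two files.
ROOT_NO_CAPS = Proc(fsuid=0, groups=frozenset({0}))
SH_ROOT_0555 = File(uid=0, gid=0, mode=0o555)   # the case in the message
SH_OTHER_0555 = File(uid=2, gid=2, mode=0o555)  # assumed non-root owner
```

In this model the 0555 mode on a root-owned file stops a direct write but not the chmod-then-write sequence, while the same mode on a file owned by another uid holds unless the process has CAP_FOWNER or CAP_DAC_OVERRIDE.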