Granting a capability to a service

Steve Grubb sgrubb at
Mon Jul 20 19:26:01 UTC 2015

On Monday, July 20, 2015 11:09:39 AM Andrew Lutomirski wrote:
> On Jul 20, 2015 11:05 AM, "Florian Weimer" <fweimer at> wrote:
> > On 07/20/2015 05:59 PM, Steve Grubb wrote:
> > > Today, any application that wants to manipulate capabilities needs to be
> > > capability aware.
> > 
> > The application does not want to manipulate capabilities.  I do not want
> > to run it as full root.  I don't want to add additional SUID/fscaps to
> > the file system.
> > 
> > It's somewhat silly to add a privilege escalation hatch to the file
> > system in order to run a daemon with *reduced* privileges.
> This is exactly why the ambient caps patch is sitting in -mm.  If you want
> to read it and email a quick review, that might help it along.  :)

The real problem with capabilities is there is no way to say, I trust this 
child process with this capability, but don't let it get inherited beyond this 
process that I'm about to start.


More information about the devel mailing list