Name                    Date         Size      #Lines  LOC
.gitignore              12-May-2024  63        5       4
Makefile                12-May-2024  1.7 KiB   32      7
README                  12-May-2024  1.4 KiB   40      31
check_simple_capset.c   12-May-2024  2 KiB     48      24
filecaps_common.h       12-May-2024  374       23      17
filecapstest.sh         12-May-2024  2 KiB     54      27
inh_capped.c            12-May-2024  3.7 KiB   114     74
print_caps.c            12-May-2024  2.4 KiB   72      38
verify_caps_exec.c      12-May-2024  10.2 KiB  427     306
README

POSIX capabilities are pieces of root privilege, for instance
CAP_SYS_NICE to set priority on other tasks and CAP_SYS_TIME
to set system time.  See
http://www.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.4/capfaq-0.2.txt
for more information.

A task's capabilities are set when it executes a new file, and
when it explicitly changes them (see capset(2)).  After exec,
the task's new capabilities are a function of its previous
capabilities and the file's capabilities:

	pI' = pI
	pP' = fP | (fI & pI)
	pE' = fE ? pP' : 0

Where pX is capability set X for process p before exec, pX' is
capability set X for process p after exec and fX is file
capability set X.  The capability sets are I for inheritable,
P for permitted, and E for effective.  Note that fE is a
boolean rather than a set.

File capabilities are stored in extended attributes named
'security.capability'.  Setting this xattr requires the
CAP_SETFCAP capability when the capability security module is
loaded, or CAP_SYS_ADMIN when it is not.
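
The exec rule and the xattr described above, as an added example that is
not part of this README or of the test suite: it decodes a
security.capability value and applies the three formulas to it.  The
on-disk layout (revision 2 or 3 of the kernel's struct vfs_cap_data), the
capability bit numbers and the sample bytes are supplied here as
assumptions and do not come from this page.

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdio.h>
#define CAP_SYS_NICE 23   /* bit numbers from <linux/capability.h> */
#define CAP_SYS_TIME 25
#define BIT(n) (1ULL << (n))

struct pcaps { uint64_t I, P, E; };      /* process sets pI, pP, pE */
struct fcaps { uint64_t I, P; int E; };  /* file sets fI, fP; fE is a boolean */

/* Constructed sample xattr value: revision 2, fE set, fP={SYS_TIME}, fI={SYS_NICE}. */
static const unsigned char SAMPLE_XATTR[20] = {
    0x01, 0x00, 0x00, 0x02,  0x00, 0x00, 0x00, 0x02,  0x00, 0x00, 0x80, 0x00 };

static uint32_t le32(const unsigned char *b)
{
    return b[0] | b[1] << 8 | b[2] << 16 | (uint32_t)b[3] << 24;
}

/* Decode struct vfs_cap_data (little-endian on disk). Returns 0, or -1 if malformed. */
int parse_fcaps(const unsigned char *x, size_t len, struct fcaps *f)
{
    uint32_t magic = len >= 4 ? le32(x) : 0, rev = magic & 0xFF000000u;
    size_t want = rev == 0x02000000u ? 20 : rev == 0x03000000u ? 24 : 0;
    if (want == 0 || len != want)         /* revision 3 appends a 4-byte rootid */
        return -1;
    f->E = magic & 1;                     /* VFS_CAP_FLAGS_EFFECTIVE */
    f->P = le32(x + 4) | (uint64_t)le32(x + 12) << 32;
    f->I = le32(x + 8) | (uint64_t)le32(x + 16) << 32;
    return 0;
}

/* README formulas only; current kernels also factor in the bounding and ambient sets. */
struct pcaps exec_transform(struct pcaps p, struct fcaps f)
{
    struct pcaps n = { p.I, f.P | (f.I & p.I), 0 };
    n.E = f.E ? n.P : 0;
    return n;
}

int main(void)
{
    struct fcaps f;
    struct pcaps p = { BIT(CAP_SYS_NICE), 0, 0 }, n;  /* only pI is populated */
    if (parse_fcaps(SAMPLE_XATTR, sizeof SAMPLE_XATTR, &f) != 0)
        return 1;
    n = exec_transform(p, f);
    printf("pI'=%#" PRIx64 " pP'=%#" PRIx64 " pE'=%#" PRIx64 "\n", n.I, n.P, n.E);
    return 0;
}
```

With pI cleared, the same file yields only CAP_SYS_TIME in pP', which is
the fI & pI term that verify_caps_exec exercises.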

The following tests are implemented here:

inh_capped: check whether a process without CAP_SETPCAP
	is properly prohibited from raising bits in its
	inheritable set using setcap.

verify_caps_exec:
	1. check that privilege is needed to set file capabilities
	2. check that pI', pP', and pE' are properly
	   calculated upon exec.

The underlying kernel needs to be built with the following options for filecaps testing:
CONFIG_SECURITY_CAPABILITIES=y