The Linux Programming Interface by Kerrisk Michael

Author:Kerrisk, Michael [Michael Kerrisk]
Language: eng
Format: epub, mobi
Tags: COMPUTERS / Programming / Open Source
ISBN: 9781593272913
Publisher: No Starch Press
Published: 2011-02-10T16:00:00+00:00

Creating Capabilities-Only Environments

In the preceding pages, we have described various ways in which a process with the user ID 0 (root) is treated specially with respect to capabilities:

When a process with one or more user IDs that equal 0 sets all of its user IDs to nonzero values, its permitted and effective capability sets are cleared. (See Section 39.6.)

When a process with an effective user ID of 0 changes that user ID to a nonzero value, it loses its effective capabilities. When the reverse change is made, the permitted capability set is copied to the effective set. A similar procedure is followed for a subset of capabilities when the process’s file-system user ID is switched between 0 and nonzero values. (See Section 39.6.)

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.