§capctl
A library for manipulating Linux capabilities and making prctl() calls.
§Potential Pitfalls
- See Handling of newly-added capabilities. This can create security issues if it is not accounted for.
§Handling of capabilities not supported by the kernel
When a binary using this library is running on an older kernel that does not support a few newly-added capabilities, here is how this library will handle them:
- caps::Cap::is_supported() and caps::Cap::probe_supported() can be used to detect that the capability is unsupported (cap.is_supported() will return false, and Cap::probe_supported() will not include it in the returned set).
- caps::CapState and caps::FullCapState will never include the unsupported capability(s) in the returned capability sets.
- Trying to include the unsupported capability(s) in the new permitted/effective/inheritable sets with caps::CapState::set_current() will cause them to be silently removed from the new sets. (This is a kernel limitation.)
- The following functions will return an Error with code EINVAL if passed the unsupported capability:
- caps::ambient::is_set() and caps::bounding::read() will return None if passed the unsupported capability.
§Handling of newly-added capabilities
Conversely, when a binary using this library is running on a newer kernel that has added one or more new capabilities, issues can arise. Here is how this library will handle those capabilities:
- If the permitted, effective, and/or inheritable capability sets of this process are modified (in any way) using caps::CapState, the unknown capability(s) will be removed from the permitted, effective, and inheritable sets.
- The following functions are the ONLY functions in this crate that can be used to remove the unknown capability(s) from the ambient/bounding sets (see their documentation for more information):

  As a result, if you are trying to clear the ambient and/or bounding capability sets, you must call the clear() or clear_unknown() function for whichever set you want to clear.
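The pitfall above (a drop of every capability the binary knows about can leave newer capability bits set in the bounding and ambient sets) can be checked against the kernel's own view of the process. The following is an added example, not code from capctl: it parses the Cap* lines of /proc/self/status with std only, assumes the binary's capability table ends at number 40 (LAST_KNOWN_CAP, adjust to your build), and falls back to a constructed status sample when /proc is unavailable.

```rust
// Added example, not part of capctl: audit kernel-reported capability masks for
// bits above the highest capability this binary knows about, so that a drop of
// "every known capability" can be double-checked against the kernel's own view.
use std::collections::BTreeMap;
/// Highest cap number this binary knows. Assumption: 40 (CAP_CHECKPOINT_RESTORE
/// on Linux 5.9+); adjust to your build's capability table.
pub const LAST_KNOWN_CAP: u32 = 40;
/// Bitmask covering capabilities 0..=last_known_cap.
pub fn known_mask(last_known_cap: u32) -> u64 {
    if last_known_cap >= 63 { u64::MAX } else { (1u64 << (last_known_cap + 1)) - 1 }
}

/// Parse the Cap* lines of a /proc/<pid>/status text into set name -> mask.
pub fn parse_cap_masks(status: &str) -> BTreeMap<String, u64> {
    status
        .lines()
        .filter_map(|line| line.split_once(':'))
        .filter(|(key, _)| key.starts_with("Cap"))
        .filter_map(|(key, val)| u64::from_str_radix(val.trim(), 16).ok().map(|m| (key.to_string(), m)))
        .collect()
}

/// Capability numbers set in `mask` that lie above `last_known_cap`.
pub fn unknown_caps(mask: u64, last_known_cap: u32) -> Vec<u32> {
    let unknown = mask & !known_mask(last_known_cap);
    (0..64).filter(|&bit| unknown & (1u64 << bit) != 0).collect()
}

/// Sets (CapBnd, CapAmb, ...) that still contain unknown capability bits.
pub fn audit(status: &str, last_known_cap: u32) -> BTreeMap<String, Vec<u32>> {
    parse_cap_masks(status)
        .into_iter()
        .map(|(set, mask)| (set, unknown_caps(mask, last_known_cap)))
        .filter(|(_, caps)| !caps.is_empty())
        .collect()
}

/// Constructed sample: the process dropped capabilities 0..=40 from every set,
/// but the kernel also has capability 41, still present in CapBnd and CapAmb.
pub const SAMPLE_STATUS: &str = "Name:\tworker\nCapInh:\t0000000000000000\n\
    CapPrm:\t0000000000000000\nCapEff:\t0000000000000000\n\
    CapBnd:\t0000020000000000\nCapAmb:\t0000020000000000\n";

fn main() {
    // Live process on Linux, the constructed sample elsewhere.
    let status = std::fs::read_to_string("/proc/self/status").unwrap_or_else(|_| SAMPLE_STATUS.into());
    for (set, caps) in audit(&status, LAST_KNOWN_CAP) {
        println!("{}: unknown capability bits still set: {:?}", set, caps);
    }
}
```

Run it right after your privilege-drop code: any set listed by audit() still holds a capability the binary never cleared, which is exactly the case ambient::clear()/bounding::clear() exist for.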
Re-exports§
Modules§
- Interfaces to Linux capabilities.
- Interfaces to prctl() commands that don’t deal with capabilities.
Macros§
- A helper macro to statically construct a CapSet from a list of capabilities.
Structs§
- Represents an OS error encountered when performing an operation.