Page 37: Capabilities management

  Capabilities management
    Implemented in Linux as of kernel 2.2
    Traditional root model simply assigns all capabilities to any process running as uid==0
    A program can check / set capabilities using the following calls:
      capget(2) / capset(2)
        Low level, may change across kernel versions
      cap_get_proc(3) / cap_set_proc(3)
        Portable library call
      capgetp(3) / capsetp(3)
        Linux-specific library call
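
An added example, not part of the original slides, of the low-level capget(2) interface listed above: it probes which capability ABI version the running kernel prefers (the part that has changed across kernel versions), then reads the calling process's effective and permitted sets. The helper names preferred_cap_version, read_caps and has_cap are this example's own, and it assumes kernel headers that define _LINUX_CAPABILITY_VERSION_3.

```c
#define _GNU_SOURCE
#include <linux/capability.h>   /* header/data structs, CAP_* numbers */
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Version probe: an unknown version with a NULL data pointer makes the
 * kernel write the ABI version it prefers back into the header. */
static unsigned int preferred_cap_version(void)
{
    struct __user_cap_header_struct hdr = { .version = 0, .pid = 0 };
    syscall(SYS_capget, &hdr, NULL);
    return hdr.version;
}

/* Read the calling process's effective and permitted sets using the
 * 64-bit (version 3) layout: two 32-bit words per set. */
static int read_caps(unsigned long long *eff, unsigned long long *perm)
{
    struct __user_cap_header_struct hdr = {
        .version = _LINUX_CAPABILITY_VERSION_3, .pid = 0 };
    struct __user_cap_data_struct data[_LINUX_CAPABILITY_U32S_3];

    memset(data, 0, sizeof data);
    if (syscall(SYS_capget, &hdr, data) != 0)
        return -1;
    *eff  = ((unsigned long long)data[1].effective << 32) | data[0].effective;
    *perm = ((unsigned long long)data[1].permitted << 32) | data[0].permitted;
    return 0;
}

/* 1 if capability number cap is set in the given 64-bit set. */
static int has_cap(unsigned long long set, int cap)
{
    return (int)((set >> cap) & 1ULL);
}

int main(void)
{
    unsigned long long eff, perm;
    printf("kernel prefers capability ABI 0x%08x\n", preferred_cap_version());
    if (read_caps(&eff, &perm) != 0) { perror("capget"); return 1; }
    printf("uid=%d effective=%016llx permitted=%016llx\n",
           (int)geteuid(), eff, perm);
    printf("CAP_NET_BIND_SERVICE: %d\n", has_cap(eff, CAP_NET_BIND_SERVICE));
    printf("CAP_SYS_ADMIN:        %d\n", has_cap(eff, CAP_SYS_ADMIN));
    return 0;
}
```

Running it as root and as an unprivileged user shows the uid==0 model from the slide: the unprivileged run normally reports an empty effective set.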

Copyright 2003, Bri Hatch of Onsight, Inc.

Presented at ISSA Puget Sound, 2003.

Presentation created using vim and MagicPoint.