Odd behaviour with CAP_SYS_BOOT
Posted: Wed Dec 10, 2003 9:03 am/ {
/ r
/opt rx
/home rwx
/mnt rw
/dev
/dev/urandom r
/dev/random r
/dev/zero rw
/dev/input rw
/dev/psaux rw
/dev/null rw
/dev/tty? rw
/dev/console rw
/dev/tty rw
/dev/pts rw
/dev/ptmx rw
/dev/dsp h
/dev/mixer h
/dev/fd? h
/dev/cdrom r
/dev/mem h
/dev/kmem h
/dev/port h
/bin rx
/sbin rx
/lib rx
/usr rx
/etc rx
/etc/rc.d h
/etc/ssh h
/etc/sudoers h
/proc rwx
/proc/kcore h
/proc/sys r
/root r
/tmp rw
/var rx
/var/lock/subsys rw
/var/apache2 r
/var/tmp rw
/var/log r
/boot h
/www rw
/etc/grsec h
/opt/j2sdk1.4.2_02 rx
-CAP_SYS_TTY_CONFIG
-CAP_LINUX_IMMUTABLE
-CAP_NET_RAW
-CAP_MKNOD
-CAP_SYS_ADMIN
-CAP_SYS_RAWIO
-CAP_SYS_MODULE
-CAP_SYS_PTRACE
-CAP_NET_ADMIN
-CAP_NET_BIND_SERVICE
-CAP_SYS_CHROOT
-CAP_SYS_BOOT
}
Why is it possible to reboot the machine still? I typed 'reboot' and it booted when I was 'regular' root.
That is the only place where -CAP_SYS_BOOT is used
/ r
/opt rx
/home rwx
/mnt rw
/dev
/dev/urandom r
/dev/random r
/dev/zero rw
/dev/input rw
/dev/psaux rw
/dev/null rw
/dev/tty? rw
/dev/console rw
/dev/tty rw
/dev/pts rw
/dev/ptmx rw
/dev/dsp h
/dev/mixer h
/dev/fd? h
/dev/cdrom r
/dev/mem h
/dev/kmem h
/dev/port h
/bin rx
/sbin rx
/lib rx
/usr rx
/etc rx
/etc/rc.d h
/etc/ssh h
/etc/sudoers h
/proc rwx
/proc/kcore h
/proc/sys r
/root r
/tmp rw
/var rx
/var/lock/subsys rw
/var/apache2 r
/var/tmp rw
/var/log r
/boot h
/www rw
/etc/grsec h
/opt/j2sdk1.4.2_02 rx
-CAP_SYS_TTY_CONFIG
-CAP_LINUX_IMMUTABLE
-CAP_NET_RAW
-CAP_MKNOD
-CAP_SYS_ADMIN
-CAP_SYS_RAWIO
-CAP_SYS_MODULE
-CAP_SYS_PTRACE
-CAP_NET_ADMIN
-CAP_NET_BIND_SERVICE
-CAP_SYS_CHROOT
-CAP_SYS_BOOT
}
Why is it possible to reboot the machine still? I typed 'reboot' and it booted when I was 'regular' root.
That is the only place where -CAP_SYS_BOOT is used