search

Capabilities

"Better" than SUID but vulnerable in the same way

hashtag
What are Capabilities?

capabilities(7) - Linux manual pageman7.orgchevron-right
Capabilities man page

In short, "capability" is a "safer" version of SUID. However, it is still vulnerable in certain cases.

hashtag
Enumeration

Search for capabilities:

hashtag
Python Capabilities

Suppose /usr/bin/python2.6 has all capabilities:

Python capabilities

Spawn a root shell:

PreviousSUIDNextCron Jobs

Last updated