CAP_PERFMON — and new capabilities in general
Posted Feb 23, 2020 12:35 UTC (Sun) by ibukanov (subscriber, #3942) In reply to: CAP_PERFMON — and new capabilities in general by pbonzini
Parent article: CAP_PERFMON — and new capabilities in general
Those examples actually prove the grandparent point. In my experience, things like no-new-privileges, namespaces, and syscall filters are vastly more useful for securing systems than capabilities. With those it is possible to secure a system even without restricting capabilities, while capabilities alone cannot realistically secure the system. Then again, why did it take so long to come up with ambient capabilities that allow granting a particular capability to a particular invocation of a process, not to each and every execution of a binary?
CAP_PERFMON — and new capabilities in general
Posted Feb 23, 2020 12:45 UTC (Sun) by pbonzini (subscriber, #60935) In reply to: CAP_PERFMON — and new capabilities in general by ibukanov
Capabilities alone are useless. Capabilities make no-new-privs and seccomp stronger, and seccomp makes capabilities usable.
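The two mechanisms the thread contrasts fit together in one small launcher: ibukanov's point that ambient capabilities grant one capability to one invocation (rather than to every execution of a binary via file capabilities), and pbonzini's point that no_new_privs and a seccomp filter are what make that grant safe to hand out. The program below is an added example, not code from the LWN thread or from the kernel tree; all function names are hypothetical, and it assumes Linux with glibc on x86_64 or aarch64 (the `AUDIT_ARCH_*` constant is chosen at compile time). It copies `CAP_NET_BIND_SERVICE` from the permitted set into the inheritable set with the raw `capget`/`capset` syscalls, raises it into the ambient set, then sets no_new_privs, installs a filter that denies `personality(2)` with `EPERM`, and execs the target. Run as an unprivileged user, the ambient step reports `EPERM` and the child simply runs without the capability, which is the intended failure mode.

```c
/* Added example (not from the LWN thread): grant one capability to one
 * invocation via the ambient set, then lock the child down with no_new_privs
 * and a seccomp filter before exec. Hypothetical names throughout. */
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/personality.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/capability.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#ifndef PR_CAP_AMBIENT              /* older headers: values from linux/prctl.h */
#define PR_CAP_AMBIENT 47
#define PR_CAP_AMBIENT_IS_SET 1
#define PR_CAP_AMBIENT_RAISE 2
#endif
#ifndef SECCOMP_RET_KILL_PROCESS    /* older headers: value from linux/seccomp.h */
#define SECCOMP_RET_KILL_PROCESS 0x80000000U
#endif

#if defined(__x86_64__)
#define SANDBOX_AUDIT_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define SANDBOX_AUDIT_ARCH AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* Step 1: no_new_privs. Irreversible; from now on execve() can never add
 * privilege (setuid bits and file capabilities are ignored). 0 or -errno. */
int set_no_new_privs(void)
{
    return prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == 0 ? 0 : -errno;
}

int no_new_privs_enabled(void)
{
    return prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);   /* 1 = set, 0 = clear, -1 = error */
}

/* Step 2: ambient capability. The kernel only raises a capability into the
 * ambient set if it is already permitted AND inheritable, so first copy it
 * from permitted into inheritable with raw capget/capset (no libcap needed).
 * Returns 0, or -errno (-EPERM when this process does not hold the
 * capability, which is the normal unprivileged case). */
int grant_ambient_cap(int cap)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[_LINUX_CAPABILITY_U32S_3];
    if (cap < 0 || cap >= 32 * _LINUX_CAPABILITY_U32S_3)
        return -EINVAL;
    memset(data, 0, sizeof data);
    if (syscall(SYS_capget, &hdr, data) != 0)
        return -errno;
    unsigned idx = (unsigned)cap / 32, bit = 1u << ((unsigned)cap % 32);
    if (!(data[idx].permitted & bit))
        return -EPERM;                               /* cannot inherit what we do not hold */
    data[idx].inheritable |= bit;
    if (syscall(SYS_capset, &hdr, data) != 0)
        return -errno;
    if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, cap, 0, 0) != 0)
        return -errno;
    return 0;
}

/* Step 3: seccomp filter (needs no_new_privs already set, or CAP_SYS_ADMIN).
 * Allows everything except personality(2), which fails with EPERM; the arch
 * check stops a different ABI from presenting other syscall numbers. */
int install_seccomp_filter(void)
{
    struct sock_filter prog[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SANDBOX_AUDIT_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_personality, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog fprog = { sizeof prog / sizeof prog[0], prog };
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog, 0, 0) == 0 ? 0 : -errno;
}

/* Probe: 0 if personality(2) is still reachable, else the errno the filter returned. */
int probe_personality_blocked(void)
{
    return personality(0xffffffff) == -1 ? errno : 0;   /* 0xffffffff = query only */
}

int main(int argc, char **argv)
{
    if (argc < 2) { fprintf(stderr, "usage: %s prog [args...]\n", argv[0]); return 2; }
    int r = grant_ambient_cap(CAP_NET_BIND_SERVICE);    /* one cap, this invocation only */
    if (r) fprintf(stderr, "ambient CAP_NET_BIND_SERVICE not granted: %s\n", strerror(-r));
    if (set_no_new_privs() || install_seccomp_filter()) { perror("lockdown"); return 1; }
    execvp(argv[1], argv + 1);    /* ambient caps survive a non-setuid, non-file-cap exec */
    perror("execvp");
    return 1;
}
```

The ordering matters: the ambient raise comes first because it needs the capability to still be permitted, and the filter comes last because `PR_SET_SECCOMP` is only allowed once no_new_privs is set (or with `CAP_SYS_ADMIN`). Because no_new_privs is sticky across `execve()`, the child cannot regain anything through a setuid helper, which is exactly why handing it a single ambient capability is a bounded grant rather than a foothold.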