There is something I don't understand regarding the CAP_SYS_RAWIO capability: does this gives access to all devices? can it be enabled device by device (or device type by device type?--such as CDROM writers).
In the defense industry you are granted access only to the information you need to know. Anything else is not granted, no matter what your clearance level is.
Should not that be the case for capabilities?
Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds