Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.os.linux.development.apps > #652
| Path | csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!goblin3!goblin.stu.neva.ru!news.netfront.net!gonzo.reversiblemaps.ath.cx!not-for-mail |
|---|---|
| From | Jasen Betts <jasen@xnet.co.nz> |
| Newsgroups | comp.os.linux.development.apps |
| Subject | Re: How does one use capabilities |
| Date | 12 Feb 2014 09:41:38 GMT |
| Organization | JJ's own news server |
| Lines | 44 |
| Message-ID | <ldffki$4q0$1@gonzo.reversiblemaps.ath.cx> (permalink) |
| References | <5d3aec9e-51c1-4a9a-801c-6281a8e62648@googlegroups.com> |
| NNTP-Posting-Host | 118.90.82.168 |
| X-Trace | adenine.netfront.net 1392199240 79982 118.90.82.168 (12 Feb 2014 10:00:40 GMT) |
| X-Complaints-To | news@netfront.net |
| NNTP-Posting-Date | Wed, 12 Feb 2014 10:00:40 +0000 (UTC) |
| X-Face | ?)Aw4rXwN5u0~$nqKj`xPz>xHCwgi^q+^?Ri*+R(&uv2=E1Q0Zk(>h!~o2ID@6{uf8s;a +M[5[U[QT7xFN%^gR"=tuJw%TXXR'Fp~W;(T"1(739R%m0Yyyv*gkGoPA.$b,D.w:z+<'"=-lVT?6 {T?=R^:W5g|E2#EhjKCa+nt":4b}dU7GYB*HBxn&Td$@f%.kl^:7X8rQWd[NTc"P"u6nkisze/Q;8 "9Z{peQF,w)7UjV$c|RO/mQW/NMgWfr5*$-Z%u46"/00mx-,\R'fLPe.)^ |
| User-Agent | slrn/pre1.0.0-18 (Linux) |
| Xref | csiph.com comp.os.linux.development.apps:652 |
Show key headers only | View raw
On 2014-02-12, Andrew Falanga <af300wsm@gmail.com> wrote:
> Hi,
>
> I'm learning about something that I didn't even know was in Linux for quite some time now: capabilities. How do they actually get set?
>
> I did something like this:
ignoring for now the memory leak.
>
> #include <iostream>
> #include <sys/types.h>
> #include <unistd.h>
> #include <sys/capabilities.h>
shoule be
#include <sys/capability.h>
>
> int main() {
> cap_t caps = cap_get_pid(getpid());
>
> std::cout << "capabilities: " << cap_to_text(caps) << std::endl;
should be
cap_to_text(caps,NULL)
,which leaks memory, but atleast doesn't give undefined behaviour.
> return 0;
> }
>
> Which returns "=". It seems unlikely that the process has no capabilities. Plus, every code example I've found thus far (which isn't many) shows that one first allocates a cap_t struct with cap_init() and then sets the values he wishes and then calls cap_set_pid() or similar. Is this how it's supposed to be used?
well, in spite of all that it seems to be working.
try running it as root.
--
Neither the pheasant plucker, nor the pheasant plucker's son.
--- news://freenews.netfront.net/ - complaints: news@netfront.net ---
Back to comp.os.linux.development.apps | Previous | Next — Previous in thread | Next in thread | Find similar
How does one use capabilities Andrew Falanga <af300wsm@gmail.com> - 2014-02-11 17:00 -0800
Re: How does one use capabilities Jasen Betts <jasen@xnet.co.nz> - 2014-02-12 09:41 +0000
Re: How does one use capabilities Andrew Falanga <af300wsm@gmail.com> - 2014-02-12 13:59 -0800
Re: How does one use capabilities Jasen Betts <jasen@xnet.co.nz> - 2014-02-13 11:47 +0000
Re: How does one use capabilities Joe Beanfish <joebeanfish@nospam.duh> - 2014-02-13 14:12 +0000
csiph-web