Skip to content
  • John Thacker's avatar
    dumpcap: Always drop capabilities other than NET_RAW and NET_ADMIN · 2584980a
    John Thacker authored
    Even if we're running with real and effective user ID the same,
    always drop capabilities other than NET_RAW and NET_ADMIN.
    Take a little bit of care to make sure that we always succeed in
    dropping them, to take care of the edge case where dumpcap is missing
    one of those two but has some other file capabilities it shouldn't
    have.
    
    This resolves a particular inconsistency whereby a user running
    dumpcap with file capabilities but without sudo or setuid/setgid
    could have greater capabilities (e.g., CAP_DAC_OVERRIDE) than
    someone running the same file but with sudo, logged in as root, or
    setuid/setgid. (See #7672, though this resolves the inconsistency
    in the opposite direction from how the person who opened the issue
    desired.)
    2584980a