Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

captest(8) [osx man page]

CAPTEST:(8)						  System Administration Utilities					       CAPTEST:(8)

NAME
captest - a program to demonstrate capabilities SYNOPSIS
captest [ --drop-all | --drop-caps | --id ] [ --lock ] [ --text ] DESCRIPTION
captest is a program that demonstrates and prints out the current process capabilities. Each option prints the same report. It will output current capabilities. then it will try to access /etc/shadow directly to show if that can be done. Then it creates a child process that attempts to read /etc/shadow and outputs the results of that. Then it outputs the capabilities that a child process would have. You can also apply file system capabilities to this program to study how they work. For example, filecap /usr/bin/captest chown. Then run captest as a normal user. Another interesting test is to make captest suid root so that you can see what the interaction is between root's credentials and capabilities. For example, chmod 4755 /usr/bin/captest. When run as a normal user, the program will see if privilege esca- lation is possible. But do not leave this app setuid root after you are don testing so that an attacker cannot take advantage of it. OPTIONS
--drop-all This drops all capabilities and clears the bounding set. --drop-caps This drops just traditional capabilities. --id This changes to uid and gid 99, drops supplemental groups, and clears the bounding set. --text This option outputs the effective capabilities in text rather than numerically. --lock This prevents the ability for child processes to regain privileges if the uid is 0. SEE ALSO
filecap(8), capabilities(7) AUTHOR
Steve Grubb Red Hat June 2009 CAPTEST:(8)

Check Out this Related Man Page

CAPTEST:(8)                                               System Administration Utilities                                              CAPTEST:(8)

NAME
captest - a program to demonstrate capabilities SYNOPSIS
captest [ --drop-all | --drop-caps | --id ] [ --lock ] [ --text ] DESCRIPTION
captest is a program that demonstrates and prints out the current process capabilities. Each option prints the same report. It will output current capabilities. then it will try to access /etc/shadow directly to show if that can be done. Then it creates a child process that attempts to read /etc/shadow and outputs the results of that. Then it outputs the capabilities that a child process would have. You can also apply file system capabilities to this program to study how they work. For example, filecap /usr/bin/captest chown. Then run captest as a normal user. Another interesting test is to make captest suid root so that you can see what the interaction is between root's credentials and capabilities. For example, chmod 4755 /usr/bin/captest. When run as a normal user, the program will see if privilege esca- lation is possible. But do not leave this app setuid root after you are don testing so that an attacker cannot take advantage of it. OPTIONS
--drop-all This drops all capabilities and clears the bounding set. --drop-caps This drops just traditional capabilities. --id This changes to uid and gid 99, drops supplemental groups, and clears the bounding set. --text This option outputs the effective capabilities in text rather than numerically. --lock This prevents the ability for child processes to regain privileges if the uid is 0. SEE ALSO
filecap(8), capabilities(7) AUTHOR
Steve Grubb Red Hat June 2009 CAPTEST:(8)
Man Page

13 More Discussions You Might Find Interesting

1. AIX

AIX Links

Manufacturer Links General Information Home Page: IBM United States Documentation/Information: IBM System p - UNIX servers: Support and services pSeries and AIX Information Center Developerworks AIX Wiki: AIX Wiki AIX for System Administrators In-depth information from IBM: IBM... (0 Replies)
Discussion started by: Perderabo
0 Replies

2. OS X (Apple)

Mac OS X: Based on UNIX - Solid As a Rock

See this threads: Page Not Found - Apple Open Source - Apple (0 Replies)
Discussion started by: Neo
0 Replies

3. Shell Programming and Scripting

At A Glance Coloured Real Time Bargraph Generator...

Not sure if anyone is interested but I am just getting into UNIX like shell scripting... I have great interest in pseudo-animations in text mode and accessing HW like /dev/dsp for example... ... Have fun, I do... ;o) # !/bin/sh # # Bargraph_Generator.sh # # A DEMO 6 bit coloured... (0 Replies)
Discussion started by: wisecracker
0 Replies

4. UNIX for Advanced & Expert Users

When is a _function_ not a _function_?

For a starter I know the braces are NOT in the code... Consider these code snippets:- #!/bin/bash --posix x=0 somefunction() if then echo "I am here." fi # somefunction #!/bin/bash --posix x=0 somefunction() if (2 Replies)
Discussion started by: wisecracker
2 Replies

5. OS X (Apple)

Installing Dash Shell on OS X Lion

For those interested in installing dash shell on OSX Lion to help test POSIX compliancy of shell scripts, it is quite easy. I did it like this: If you don't have gcc on your system: 0. Download and install the Command Line Tools for Xcode package from Sign In - Apple * 1. Download the dash... (2 Replies)
Discussion started by: Scrutinizer
2 Replies

6. OS X (Apple)

Hearing Aid for OSX 10.12.x and greater.

Hearing Aid... Hi folks yet another bizarre piece of code that is Apple OSX 10.12.x to at least 10.14.1 specific. It requires only a default OSX install, and the internal microphone along with an external headphone assembly. Pre-amble, 14-02-2019: For over 3 weeks now I have been suffering a... (3 Replies)
Discussion started by: wisecracker
3 Replies

7. UNIX for Advanced & Expert Users

Shopt -s histappend

What is the point of this? Whenever I close my shell it appends to the history file without adding this. I have never seen it overwrite my history file. # When the shell exits, append to the history file instead of overwriting it shopt -s histappend (3 Replies)
Discussion started by: cokedude
3 Replies

8. OS X (Apple)

Undeletable file

Greetings, I'm trying to delete a file with a weird name from within Terminal on a Mac. It's a very old file (1992) with null characters in the name: ␀␀Word Finder® Plus™. Here are some examples of what I've tried: 12FX009:5 dpontius$ ls ␀␀Word Finder® Plus™ 12FX009:5 dpontius$ rm... (29 Replies)
Discussion started by: dpontius
29 Replies

9. Shell Programming and Scripting

To print diamond asterisk pattern based on inputs

I have to print the number of stars that increases on each line from the minimum number until it reaches the maximum number, and then decreases until it goes back to the minimum number. After printing out the lines of stars, it should also print the total number of stars printed. I have tried... (13 Replies)
Discussion started by: rohit_shinez
13 Replies

10. Programming

My first PERL incarnation... Audio Oscillograph

Hi all... Well guys and gals, I jumped in at the deep end and found things that PERL cannot do by default. Many tricky terminal escape codes are not catered for so I had to create workarounds. One thing I searched for was this: Passing perl variable to shell command AND, @Neo this was... (15 Replies)
Discussion started by: wisecracker
15 Replies

11. Shell Programming and Scripting

A dash to GOTO or a dash from GOTO, that is the question...

Well, guys I saw a question about GOTO for Python. So this gave me the inspiration to attempt a GOTO function for 'dash', (bash and ksh too). Machine: MBP OSX 10.14.3, default bash terminal, calling '#!/usr/local/bin/dash'... This is purely a fun project to see if it is possible in PURE... (3 Replies)
Discussion started by: wisecracker
3 Replies

12. Shell Programming and Scripting

Syntax error in subtraction in Bash

I am sharing a code snippet. for (( i=0; i<=$(( $count -1 )); i++ )) do first=${barr2} search=${barr1} echo $first echo "loop begins" for (( j=0; j<=5000; j++ )) do if } == $search ]]; then echo $j break; fi done second=${harr2} echo $second (2 Replies)
Discussion started by: ngabrani
2 Replies

13. Shell Programming and Scripting

Python: Refer a properties file from different location

Hi All, I'm having a python script: test.py in /path/to/script/test.py I'm using a properties file: test_properties.py (it is having values as dictionary{}) which is in same DIR as the script. Sample Properties file: params = { 'target_db' : 'a1_db' 'src_db' : ... (15 Replies)
Discussion started by: saps19
15 Replies