You are not logged in.
Hi guys,
I ran into the gdb ptrace problem detailed all over the web and in this Arch bug report. I noticed there were two solutions: one system-wide and one per application you'd want to give permissions to.
I would guess the latter (i.e. setcap) is the "better" solution, as it is more localized, but I can't find any documentation on what it actually does and how I can view my setcap'ed things. What I'm really saying is that setcap use is spread over the Wiki, but nowhere is really explained what it is, why it is necessary, and how one would generally use it. Could someone with the necessary knowledge perhaps write up a small wiki page about it so that this page can get linked to from various articles (nginx/gdb/...)?
I don't want to be presumptuous about asking for documentation, but I really believe clearing this out will help future generations.
Thanks!
Offline
A small intro is already in the wiki: Capabilities
You might also want to check out the Security and DeveloperWiki:Security articles.
Offline