root and capabilities list
1000hz.radiowave at gmail.com
Wed Oct 15 01:11:47 UTC 2014
On 15.10.2014 04:54, Colin Watson wrote:
> Martin's right - CAP_SYS_MODULE is functionally equivalent to root.
Anyway, there is another part, reading the msr and cpuid. For that, it
seems to be really beneficial, to make it available to everyone. So the
process which needs it, can only live with limited CAP_SYS_RAWIO powers.
It seem to me, that the root rights are there only because the
capability system was introduced only a couple of years ago, and the msr
and cpuid part was not yet changed with capabilities in mind.
As i said, i am new to linux, so not sure how it all works, and where to
discuss the whole thing.
More information about the Ubuntu-devel-discuss