root and capabilities list

ds 1000hz.radiowave at
Wed Oct 15 01:11:47 UTC 2014

On 15.10.2014 04:54, Colin Watson wrote:

>   Martin's right - CAP_SYS_MODULE is functionally equivalent to root.
I see.
Anyway, there is another part, reading the msr and cpuid. For that, it 
seems to be really beneficial, to make it available to everyone. So the 
process which needs it, can only live with limited CAP_SYS_RAWIO powers. 
It seem to me, that the root rights are there only because the 
capability system was introduced only a couple of years ago, and the msr 
and cpuid part was not yet changed with capabilities in mind.
As i said, i am new to linux, so not sure how it all works, and where to 
discuss the whole thing.

More information about the Ubuntu-devel-discuss mailing list