1CAPTEST:(8) System Administration Utilities CAPTEST:(8)
2
6 captest - a program to demonstrate capabilities
7
9 captest [ --ambient --drop-all | --drop-caps | --id ] [ --init-grp ] [
10 --lock ] [ --text ]
11
13 captest is a program that demonstrates and prints out the current
14 process capabilities. Each option prints the same report. It will out‐
15 put current capabilities. then it will try to access /etc/shadow
16 directly to show if that can be done. Then it creates a child process
17 that attempts to read /etc/shadow and outputs the results of that. Then
18 it outputs the capabilities that a child process would have.
19 You can also apply file system capabilities to this program to study
21 how they work. For example, filecap /usr/bin/captest chown. Then run
22 captest as a normal user. Another interesting test is to make captest
23 suid root so that you can see what the interaction is between root's
24 credentials and capabilities. For example, chmod 4755 /usr/bin/captest.
25 When run as a normal user, the program will see if privilege escalation
26 is possible. But do not leave this app setuid root after you are don
27 testing so that an attacker cannot take advantage of it.
28
31 --ambient
32 This attempts to add CAP_CHOWN ambient capability.
33 --drop-all
35 This drops all capabilities including ambient and clears the
36 bounding set.
37 --drop-caps
39 This drops just traditional capabilities.
40 --id This changes to uid and gid 99, drops supplemental groups, and
42 clears the bounding set.
43 --init-grp
45 This changes to uid and gid 99 and then adds any supplemental
46 groups that comes with that account. You would have add them
47 prior to testing because by default there are no supplemental
48 groups on account 99.
49 --text This option outputs the effective capabilities in text rather
51 than numerically.
52 --lock This prevents the ability for child processes to regain privi‐
54 leges if the uid is 0.
55
58 filecap(8), capabilities(7)
59
62 Steve Grubb
63Red Hat Sept 2020 CAPTEST:(8)