CAPTEST:(8)             System Administration Utilities            CAPTEST:(8)

NAME

       captest - a program to demonstrate capabilities

SYNOPSIS

       captest  [ --ambient --drop-all | --drop-caps | --id ] [ --init-grp ] [
       --lock ] [ --text ]

DESCRIPTION

       captest is a program that demonstrates and prints out the current
       process capabilities. Each option prints the same report. It will
       output current capabilities. Then it will try to access /etc/shadow
       directly to show if that can be done. Then it creates a child process
       that attempts to read /etc/shadow and outputs the results of that. Then
       it outputs the capabilities that a child process would have.

       You can also apply file system capabilities to this program to study
       how they work. For example, filecap /usr/bin/captest chown. Then run
       captest as a normal user. Another interesting test is to make captest
       suid root so that you can see what the interaction is between root's
       credentials and capabilities. For example, chmod 4755 /usr/bin/captest.
       When run as a normal user, the program will see if privilege escalation
       is possible. But do not leave this app setuid root after you are done
       testing so that an attacker cannot take advantage of it.

OPTIONS

       --ambient
              This attempts to add CAP_CHOWN ambient capability.

       --drop-all
              This drops all capabilities including ambient and clears the
              bounding set.

       --drop-caps
              This drops just traditional capabilities.

       --id   This changes to uid and gid 99, drops supplemental groups, and
              clears the bounding set.

       --init-grp
              This changes to uid and gid 99 and then adds any supplemental
              groups that come with that account. You would have to add them
              prior to testing because by default there are no supplemental
              groups on account 99.

       --text This option outputs the effective capabilities in text rather
              than numerically.

       --lock This prevents the ability for child processes to regain
              privileges if the uid is 0.
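
The numeric and text forms that --text chooses between, as an added example that is not captest's own source: it reads the Cap* bitmask lines the Linux kernel exposes in /proc/self/status and decodes each mask into capability names, so a mask of 0x1 decodes to chown, the capability used in the filecap example above. The function names parse_cap_line and cap_mask_to_text are hypothetical.

```c
/* Added example (not captest source): decode the Cap* masks in /proc/self/status. */
#include <stdio.h>
#include <string.h>

/* Capability names indexed by bit number, as numbered in <linux/capability.h>. */
static const char *cap_names[] = {
    "chown", "dac_override", "dac_read_search", "fowner", "fsetid", "kill", "setgid", "setuid",
    "setpcap", "linux_immutable", "net_bind_service", "net_broadcast", "net_admin", "net_raw",
    "ipc_lock", "ipc_owner", "sys_module", "sys_rawio", "sys_chroot", "sys_ptrace", "sys_pacct",
    "sys_admin", "sys_boot", "sys_nice", "sys_resource", "sys_time", "sys_tty_config", "mknod",
    "lease", "audit_write", "audit_control", "setfcap", "mac_override", "mac_admin", "syslog",
    "wake_alarm", "block_suspend", "audit_read", "perfmon", "bpf", "checkpoint_restore",
};
#define NCAPS (sizeof(cap_names) / sizeof(cap_names[0]))

/* Parse "CapEff:\t0000000000000001" into kind="Eff" and mask; returns 1 on success. */
int parse_cap_line(const char *line, char kind[4], unsigned long long *mask)
{
    return sscanf(line, "Cap%3[A-Za-z]: %llx", kind, mask) == 2;
}

/* Write comma-separated names of set bits (unnamed bits as numbers); returns the bit count. */
int cap_mask_to_text(unsigned long long mask, char *out, size_t len)
{
    int count = 0;
    size_t used = 0;
    if (len) out[0] = '\0';
    for (unsigned bit = 0; bit < 64; bit++) {
        if (!(mask & (1ULL << bit))) continue;
        const char *sep = count++ ? "," : "";
        int w = bit < NCAPS ? snprintf(out + used, len - used, "%s%s", sep, cap_names[bit])
                            : snprintf(out + used, len - used, "%s%u", sep, bit);
        used = (w > 0 && (size_t)w < len - used) ? used + (size_t)w : (len ? len - 1 : 0);
    }
    return count;
}

int main(void)
{
    char kind[4], line[256], text[1024];
    unsigned long long mask;
    FILE *f = fopen("/proc/self/status", "r");
    while (f && fgets(line, sizeof line, f)) {
        if (!parse_cap_line(line, kind, &mask)) continue;
        cap_mask_to_text(mask, text, sizeof text);
        /* bits 1 and 2 are dac_override and dac_read_search */
        const char *note = (!strcmp(kind, "Eff") && (mask & 0x6)) ? "  <- bypasses file read checks" : "";
        printf("Cap%s 0x%016llx [%s]%s\n", kind, mask, text, note);
    }
    return f ? fclose(f) : 1;
}
```

An effective set containing dac_override or dac_read_search is what lets a process read a file such as /etc/shadow despite its mode bits, which is why the example flags those two bits.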

SEE ALSO

       filecap(8), capabilities(7)

AUTHOR

       Steve Grubb

Red Hat                            Sept 2020                       CAPTEST:(8)