D7net Mini Sh3LL v1

 
OFF  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : OFF
Directory (0755) :  /media/../../usr/share/doc/fakeroot/../libvolume-key/../libgcc-s1/../libcap2-bin/

 Home   ☍ Command   ☍ Upload File   ☍Info Server   ☍ Buat File   ☍ Mass deface   ☍ Jumping   ☍ Config   ☍ Symlink   ☍ About 

Current File : //media/../../usr/share/doc/fakeroot/../libvolume-key/../libgcc-s1/../libcap2-bin/README.Debian
Please check http://www.friedhoff.org/posixfilecaps.html to get more
information on POSIX File Capabilities.


Example: how to remove the SUID root bit from /bin/ping?
--------------------------------------------------------

Make sure you have kernel 2.6.24 or newer you have
CONFIG_SECURITY_CAPABILITIES and CONFIG_SECURITY_FILE_CAPABILITIES
enabled. The Debian kernels are fine.

  $ ls -l /bin/ping
  -rwsr-xr-x 1 root root 30736 2007-01-31 00:10 /bin/ping
     ^
That is not good.

  $ sudo chmod 755 /bin/ping

Or use dpkg-statoverride.

  $ ls -l /bin/ping
  -rwxr-xr-x 1 root root 30736 2007-01-31 00:10 /bin/ping

That is better but ping fails.

  $ ping -c1 localhost
  ping: icmp open socket: Operation not permitted

Now set the missing capability:

  $ sudo setcap cap_net_raw+ep /bin/ping

... and ping will work again.

  $ ping -c1 localhost
  PING localhost (127.0.0.1) 56(84) bytes of data.
  64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.026 ms

  --- localhost ping statistics ---
  1 packets transmitted, 1 received, 0% packet loss, time 0ms
  rtt min/avg/max/mdev = 0.026/0.026/0.026/0.000 ms



Torsten Werner

AnonSec - 2021 | Recode By D7net