Commit f2e65e4e authored by Jonathan Corbet

docs: threat-model: don't limit root capabilities to CAP_SYS_ADMIN



The threat-model document says that only users with CAP_SYS_ADMIN can carry
out a number of admin-level tasks, but there are numerous capabilities that
can confer that sort of power.  Generalize the text slightly to make it
clear that CAP_SYS_ADMIN is not the only all-powerful capability.

Acked-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
parent 561458db
+2 −1
@@ -62,7 +62,8 @@ on common processors featuring privilege levels and memory management units:

* **Capability-based protection**:

  * users not having the ``CAP_SYS_ADMIN`` capability may not alter the
  * users not having elevated capabilities (including but not limited to
    CAP_SYS_ADMIN) may not alter the
    kernel's configuration, memory nor state, change other users' view of the
    file system layout, grant any user capabilities they do not have, nor
    affect the system's availability (shutdown, reboot, panic, hang, or making
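
Review bot: In the two added lines, CAP_SYS_ADMIN has lost the ``...`` literal markup that the removed line carried, so it will render as ordinary text; keep it as ``CAP_SYS_ADMIN`` for consistency with the rest of the list. The new wrap also leaves "may not alter the" as a short line ahead of "kernel's configuration", so the bullet should be reflowed. Finally, "elevated capabilities" is left undefined in the visible text: naming one or two further capabilities as examples, or pointing the reader at capabilities(7), would make it clearer which capabilities the threat model treats as admin-equivalent.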