Linux capabilities dropped

Linux capabilities are dropped

Linux capabilities provide a way to grant specific privileges to processes without giving them full root access. When all Linux capabilities are dropped, it significantly impacts any running process's ability to perform privileged operations.

Impact

Reduced attack surface: Dropping all capabilities limits potential exploitation vectors.
Limited system access: The process cannot perform operations that typically require root privileges.
- Binding to ports below 1024
- Modifying system files
- Changing network configurations
Increased security: Prevents accidental or malicious abuse of privileged operations.
Potential functionality issues: Some applications may require specific capabilities to function correctly.

Best Practices

Only grant necessary capabilities to processes that require them
Use fine-grained capability management instead of running processes as root

What next?

Consider reading up on:

Services run with UserID 65535
Ports

Linux capabilities are dropped​

Impact​

Best Practices​

What next?​

Linux capabilities are dropped

Impact

Best Practices

What next?