Recently, I learned of the concept of "Linux capabilities". And yeah, as much as I enjoy reading up on these things, the whole time I was thinking, if something's fucky with these capabilities, I'll never remember to check them...

uis

•

Funfact: if you want to run for example HTTP server, you can run it with CAP_NET_BIND_SERVICE and no_new_priv.

kool_newt

•

Permanently Deleted

ninjan

•

Should've been Sean Connery and not Daniel Craig bond in the pic! Missed opportunity.

Bonehead

•

You can't do that...Connery would just mount and fsck everything that moved instead of fixing the system.

ebits21

•

And need the extra CHMOD, JAMES CHMOD

fraksken

•

Bad bad bad!

quicken

•

ssh still doesn't work. I'm out of ideas!

ShittyRedditWasBetter

•

setenforce 0