Litcius/Paper detail

Decap: Deprivileging Programs by Reducing Their Capabilities

Md Mehedi Hasan, Seyedhamed Ghavamnia, Michalis Polychronakis

202211 citationsDOI

Abstract

Linux enables non-root users to perform certain privileged operations through the use of the setuid (“set user ID”) mechanism. This represents a glaring violation of the principle of least privilege, as setuid programs run with full superuser privileges—with disastrous outcomes when vulnerabilities are found in them. Linux capabilities aim to improve this situation by splitting superuser privileges into distinct units that can be assigned individually. Despite the clear benefits of capabilities in reducing the risk of privilege escalation, their actual use is scarce, and setuid programs are still prevalent in modern Linux distributions. The lack of a systematic way for developers to identify the capabilities needed by a given program is a contributing factor that hinders their applicability.

Topics & Concepts

Computer scienceSecurity and Verification in ComputingAdvanced Malware Detection TechniquesDistributed systems and fault tolerance
Decap: Deprivileging Programs by Reducing Their Capabilities | Litcius