Process Behavior Controlling Based on Capability Mechanism in Linux OS

Compared with the traditional super-user scheme, the capability mechanism can provide more flexible and powerful control over process behavior. This paper first analyzes some shortcomings of the capability implementation in the current Linux kernel, then discusses changes based on the principles of least privilege and privilege separation. A method based on the session ID is also introduced to protect the capability mechanism itself: it limits the ability of processes to change their euid and thereby acquire more capabilities.
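As an added illustration, not code from the paper, the following Python decodes the capability masks the Linux kernel reports in /proc/<pid>/status and flags the capabilities that let a process change its euid or alter its own capability sets (CAP_SETUID, CAP_SETPCAP); the status lines are constructed sample input.

```python
# Added example (not from the paper): decode the Cap* masks the kernel reports
# in /proc/<pid>/status and flag capabilities that let a process change its
# euid or enlarge its own capability sets.
import re

# Capability bit numbers, in order, from <linux/capability.h> (CAP_CHOWN = 0).
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER",
    "CAP_FSETID", "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP",
    "CAP_LINUX_IMMUTABLE", "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST",
    "CAP_NET_ADMIN", "CAP_NET_RAW", "CAP_IPC_LOCK", "CAP_IPC_OWNER",
    "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT", "CAP_SYS_PTRACE",
    "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD",
    "CAP_LEASE", "CAP_AUDIT_WRITE", "CAP_AUDIT_CONTROL", "CAP_SETFCAP",
    "CAP_MAC_OVERRIDE", "CAP_MAC_ADMIN", "CAP_SYSLOG", "CAP_WAKE_ALARM",
    "CAP_BLOCK_SUSPEND", "CAP_AUDIT_READ", "CAP_PERFMON", "CAP_BPF",
    "CAP_CHECKPOINT_RESTORE",
]

# The paper's concern: CAP_SETUID lets a process change its euid, CAP_SETPCAP
# lets it alter capability sets; either can be a route to more privilege.
PRIVILEGE_ESCALATING = {"CAP_SETUID", "CAP_SETPCAP"}

def decode_mask(mask_hex):
    """Map one Cap* hex mask to the set of capability names it contains."""
    mask = int(mask_hex, 16)
    return {name for bit, name in enumerate(CAP_NAMES) if mask & (1 << bit)}

def parse_status(text):
    """Collect CapInh/CapPrm/CapEff/CapBnd/CapAmb sets from a status dump."""
    pairs = re.findall(r"^(Cap\w+):\s*([0-9a-fA-F]+)$", text, re.M)
    return {key: decode_mask(value) for key, value in pairs}

def escalation_risks(sets):
    """Effective capabilities that allow euid change or capability gain."""
    return sorted(PRIVILEGE_ESCALATING & sets.get("CapEff", set()))

def least_privilege_gap(sets):
    """Capabilities not held now that the bounding set would still permit."""
    return sorted(sets.get("CapBnd", set()) - sets.get("CapEff", set()))

# Constructed sample: a daemon holding CAP_NET_BIND_SERVICE (bit 10) and
# CAP_SETUID (bit 7), with an unreduced bounding set (bits 0..40).
SAMPLE_STATUS = """CapInh:\t0000000000000000
CapPrm:\t0000000000000480
CapEff:\t0000000000000480
CapBnd:\t000001ffffffffff
CapAmb:\t0000000000000000
"""
```

A non-empty `escalation_risks` result, or a large `least_privilege_gap`, is the kind of finding the paper's least-privilege argument targets: the process keeps a way to regain privilege it does not need.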