The Benefits of Parceling Root Power with POSIX

POSIX file capabilities split root user powers into smaller privileges, such as the ability to read files or to trace processes owned by another user. By assigning capabilities to a file, you can enable an unprivileged user to execute the file with those specified privileges. In this article, learn how programs can make use of POSIX capabilities, how to investigate which capabilities are needed by a program, and how to assign those capabilities to the program.