Does a process that have the root user always have all of the capabilities available in Linux?

Question

In Linux, a process that have a non-root user can have some capabilities assigned to it to increase its privileges.

And a process that have the root user have all of the capabilities available, but can such a process have some of its capabilities removed (either manually or automatically in certain situations)?

This question is more suited for "https://unix.stackexchange.com/". — Dominique, Feb 19 '19 at 08:00

score 1 · Answer 1 · answered Feb 19 '19 at 08:20

1

I don't think so, because root is allowed to access everything - per os design.

That's the reason why modern Linux distributions often hides the root user and work with the sudo approach instead.

answered Feb 19 '19 at 08:20

OkieOth

3,604
1
19
29

Does a process that have the root user always have all of the capabilities available in Linux?

1 Answers1