]> git.ipfire.org Git - thirdparty/kernel/linux.git/commit
projects / thirdparty / kernel / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 561458d) | patch
docs: threat-model: don't limit root capabilities to CAP_SYS_ADMIN
authorJonathan Corbet <corbet@lwn.net>
Wed, 13 May 2026 20:58:53 +0000 (14:58 -0600)
committerJonathan Corbet <corbet@lwn.net>
Thu, 14 May 2026 12:23:44 +0000 (06:23 -0600)
commitf2e65e4e5b4b4b9ecf43f03c3fdbe8c9a8a43a9e
tree81d5c0986869097529aa91d7f9f74d8948c3d074tree | snapshot
parent561458db0d6b08b4e4956c6e4456d7781b18676fcommit | diff
docs: threat-model: don't limit root capabilities to CAP_SYS_ADMIN

The threat-model document says that only users with CAP_SYS_ADMIN can carry
out a number of admin-level tasks, but there are numerous capabilities that
can confer that sort of power.  Generalize the text slightly to make it
clear that CAP_SYS_ADMIN is not the only all-powerful capability.

Acked-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Documentation/process/threat-model.rst diff | blob | blame | history
A mirror of Linus' kernel repository