OXIESEC PANEL
- Current Dir:
/
/
etc
/
security
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
05/20/2025 05:23:23 PM
rwxr-xr-x
📄
access.conf
4.51 KB
04/05/2018 12:27:42 PM
rw-r--r--
📄
capability.conf
1.75 KB
01/06/2014 01:11:54 AM
rw-r--r--
📄
faillock.conf
2.18 KB
02/02/2023 09:24:07 AM
rw-r--r--
📄
group.conf
3.55 KB
04/05/2018 12:27:42 PM
rw-r--r--
📄
limits.conf
2.1 KB
04/05/2018 12:27:42 PM
rw-r--r--
📁
limits.d
-
04/05/2018 12:27:42 PM
rwxr-xr-x
📄
namespace.conf
1.41 KB
04/05/2018 12:27:42 PM
rw-r--r--
📁
namespace.d
-
04/05/2018 12:27:42 PM
rwxr-xr-x
📄
namespace.init
1016 bytes
04/05/2018 12:27:42 PM
rwxr-xr-x
📄
opasswd
0 bytes
10/21/2019 03:48:19 PM
rw-------
📄
pam_env.conf
2.9 KB
04/05/2018 12:27:42 PM
rw-r--r--
📄
sepermit.conf
419 bytes
04/05/2018 12:27:42 PM
rw-r--r--
📄
time.conf
2.13 KB
04/05/2018 12:27:42 PM
rw-r--r--
Editing: capability.conf
Close
# # /etc/security/capability.conf # # this is a sample capability file (to be used in conjunction with # the pam_cap.so module) # # In order to use this module, it must have been linked with libcap # and thus you'll know about Linux's capability support. # [If you don't know about libcap, the sources for it are here: # # http://www.kernel.org/pub/linux/libs/security/linux-privs/ # # .] # # Here are some sample lines (remove the preceding '#' if you want to # use them ## user 'morgan' gets the CAP_SETFCAP inheritable capability (commented out!) #cap_setfcap morgan ## user 'luser' inherits the CAP_DAC_OVERRIDE capability (commented out!) #cap_dac_override luser ## 'everyone else' gets no inheritable capabilities (restrictive config) none * ## if there is no '*' entry, all users not explicitly mentioned will ## get all available capabilities. This is a permissive default, and ## possibly not what you want... On first reading, you might think this ## is a security problem waiting to happen, but it defaults to not being ## so in this sample file! Further, by 'get', we mean 'get in their inheritable ## set'. That is, if you look at a random process, even one run by root, ## you will see it has no inheritable capabilities (by default): ## ## $ /sbin/capsh --decode=$(grep CapInh /proc/1/status|awk '{print $2}') ## 0000000000000000= ## ## The pam_cap module simply alters the value of this capability ## set. Including the 'none *' forces use of this module with an ## unspecified user to have their inheritable set forced to zero. ## ## Omitting the line will cause the inheritable set to be unmodified ## from what the parent process had (which is generally 0 unless the ## invoking user was bestowed with some inheritable capabilities by a ## previous invocation).