diff options
| author | Christian Göttsche <cgzones@googlemail.com> | 2022-10-29 19:21:12 +0200 |
|---|---|---|
| committer | BenBE <BenBE@geshi.org> | 2023-02-05 00:24:13 +0100 |
| commit | e3481a9846ef01bb27c169b71eafeee704e10c68 (patch) | |
| tree | 47e5003f85875872813677895b7fa298d14af269 /linux/LinuxProcessList.c | |
| parent | 8ea144df7494bad0c46d3bf4f16c9a6556c500d2 (diff) | |
Linux: highlight username if process has elevated privileges
Highlight processes started from binaries with file capabilities set,
like kwin_wayland, or retaining Linux capabilities, via the ambient set,
after switching from the root user, e.g. rtkit.
Diffstat (limited to 'linux/LinuxProcessList.c')
| -rw-r--r-- | linux/LinuxProcessList.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/linux/LinuxProcessList.c b/linux/LinuxProcessList.c index 0576dd67..24b7ea98 100644 --- a/linux/LinuxProcessList.c +++ b/linux/LinuxProcessList.c @@ -568,6 +568,14 @@ static bool LinuxProcessList_readStatusFile(Process* process, openat_arg_t procF if (pid_ns_count > 1) process->isRunningInContainer = true; + } else if (String_startsWith(buffer, "CapPrm:")) { + char* ptr = buffer + strlen("CapPrm:"); + while (*ptr == ' ' || *ptr == '\t') + ptr++; + + uint64_t cap_permitted = fast_strtoull_hex(&ptr, 16); + process->elevated_priv = cap_permitted != 0 && process->st_uid != 0; + } else if (String_startsWith(buffer, "voluntary_ctxt_switches:")) { unsigned long vctxt; int ok = sscanf(buffer, "voluntary_ctxt_switches:\t%lu", &vctxt); |