The learning objective of this lab is for students to gain first-hand experiences on capability, to appreciate the advantage of capabilities in access control, and to master how to use capability in to achieve the principle of least privileges. In addition, through this lab, by dissecting the capability mechanism in Linux, students will gain insights on how capability is implemented in operating systems. This lab is based on POSIX 1.e capability, which is implemented in recent versions of Linux kernel.

Lab Tasks (Description)

Recommended Time: 2 weeks

Files that are Needed

Helpful Documents

SEED Project