Implementing this would involve two halves: setting up the filesystem capabilities when the package installed (postinst most likely), and dropping the capability once the program had allocated memory.
Here is a quick example of how to mark an executable with a capability:
the pa_drop_caps and shows how to drop capabilities, and pa_have_caps shows how to test for a specific capability. (In the example's case, CAP_SYS_NICE.)
Implementing this would involve two halves: setting up the filesystem capabilities when the package installed (postinst most likely), and dropping the capability once the program had allocated memory.
Here is a quick example of how to mark an executable with a capability:
http:// www.friedhoff. org/posixfileca ps.html# Examples% 20-%20Substitut ion%20of% 20suid- 0%20privilege% 20with% 20POSIX% 20Capabilities% 20privilege
They use numeric values, but it may be more readable to use text version:
sudo setcap cap_sys_rawio=ep low-mmap
(setcap is in libcap2-bin)
Part 2 involves dropping the capability:
http:// git.0pointer. de/?p=pulseaudi o.git;a= blob;f= src/daemon/ caps.c; hb=86dee05aec33 0a0c2886c032771 2153793ca46c4
the pa_drop_caps and shows how to drop capabilities, and pa_have_caps shows how to test for a specific capability. (In the example's case, CAP_SYS_NICE.)