Capabilities and Privileged Checking References - kvesta/vesta GitHub Wiki

CAP_DAC_READ_SEARCH:
- https://github.com/cdk-team/CDK
SYS_ADMIN, privileged:
- https://twitter.com/_fel1x/status/1151487051986087936
- https://0xn3va.gitbook.io/cheat-sheets/container/escaping/excessive-capabilities#cap_sys_admin
CAP_SYS_PTRACE:
- https://gist.github.com/thejh/8346f47e359adecd1d53
CAP_SYS_CHROOT: -https://deepsec.net/docs/Slides/2015/Chw00t_How_To_Break%20Out_from_Various_Chroot_Solutions_-_Bucsay_Balazs.pdf
CAP_BPF:
- https://mp.weixin.qq.com/s/Psqy3X3VdUPga7f2cnct1g
DAC_OVERRIDE, CAP_DAC_READ_SEARCH:
- https://medium.com/@fun_cuddles/docker-breakout-exploit-analysis-a274fff0e6b3
NET_ADMIN:
- https://snyk.io/blog/kubernetes-securitycontext-linux-capabilities/
CAP_MKNOD:
- https://labs.withsecure.com/publications/abusing-the-access-to-mount-namespaces-through-procpidroot
- https://i.blackhat.com/USA-20/Thursday/us-20-Avrahami-Escaping-Virtualized-Containers.pdf