
posix-caps-ng
This is a node.js module that provides libcap-ng bindings to modify the capabilities of the current process.
The most likely use for this is obviously setting CAP_NET_BIND_SERVICE to enable binding to privileged ports such as 80 or 443.
To use a capability, the user running the program needs to have the capability, too. This can be achieved by using pam_cap and granting the capability via the /etc/security/capability.conf file.
Unfortunately the node binary also needs the capability - but only in its inheritable set. Executing setcap cap_net_bind_service+i /usr/bin/node as root does the job.
var caps = require('posix-caps-ng');
// Raise CAP_NET_BIND_SERVICE in the effective set before binding to the port.
caps.set_cap(caps.CAP_NET_BIND_SERVICE, caps.EFFECTIVE, true);
If the application does not start any child processes which also need this cap, it is a good idea to clear it from the inheritable set after enabling it, and possibly also to remove the cap altogether after binding to the privileged port:
// Drop CAP_NET_BIND_SERVICE from all sets once the socket is bound.
caps.set_cap(caps.CAP_NET_BIND_SERVICE, caps.ALL, false);
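Why both the pam_cap grant and the +i file bit are needed, and how to confirm from /proc that a drop took effect, shown as an added example that is not part of the posix-caps-ng code base. It models the execve() rules from capabilities(7) for a non-root user rather than calling the module. The function names, the bounding-set value and the status excerpts are constructed for illustration.

```javascript
// Added example: models the execve() capability rules from capabilities(7) for a
// non-root user. It does not call posix-caps-ng; all names here are hypothetical.
const CAP_NET_BIND_SERVICE = 10n; // bit number from <linux/capability.h>
const NET_BIND = 1n << CAP_NET_BIND_SERVICE;

// proc: sets of the process calling execve(); file: sets stored on the binary.
function capsAfterExec(proc, file) {
  // A binary carrying file capabilities clears the ambient set, so it is omitted.
  const permitted = (proc.inheritable & file.inheritable) |
                    (file.permitted & proc.bounding);
  return {
    inheritable: proc.inheritable, // unchanged across execve()
    permitted,
    effective: file.effective ? permitted : 0n,
  };
}

// Return the names of the sets in /proc/<pid>/status text that contain `mask`.
function setsHolding(statusText, mask) {
  const found = [];
  const re = /^(Cap(?:Inh|Prm|Eff)):\s*([0-9a-fA-F]+)$/gm;
  for (const [, name, hex] of statusText.matchAll(re)) {
    if ((BigInt('0x' + hex) & mask) !== 0n) found.push(name);
  }
  return found;
}

const BOUNDING = (1n << 41n) - 1n; // constructed: a full bounding set
// File caps written by: setcap cap_net_bind_service+i /usr/bin/node
const NODE_FILE = { inheritable: NET_BIND, permitted: 0n, effective: false };

// User granted the cap via pam_cap: it reaches permitted, effective stays empty,
// which is why the application still raises it with set_cap(..., EFFECTIVE, true).
const withPamCap = capsAfterExec({ inheritable: NET_BIND, bounding: BOUNDING }, NODE_FILE);
// No pam_cap grant: the +i file bit alone yields nothing.
const withoutPamCap = capsAfterExec({ inheritable: 0n, bounding: BOUNDING }, NODE_FILE);

// Constructed /proc/self/status excerpts: after raising the cap, and after dropping it.
const STATUS_RAISED = 'Name:\tnode\nCapInh:\t0000000000000400\n' +
  'CapPrm:\t0000000000000400\nCapEff:\t0000000000000400\n';
const STATUS_DROPPED = 'Name:\tnode\nCapInh:\t0000000000000000\n' +
  'CapPrm:\t0000000000000000\nCapEff:\t0000000000000000\n';

console.log(withPamCap, withoutPamCap);
console.log(setsHolding(STATUS_RAISED, NET_BIND), setsHolding(STATUS_DROPPED, NET_BIND));
```

In a running service, pass the contents of /proc/self/status to setsHolding after the drop and treat any non-empty result as a failed privilege drop.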
bool has_cap(cap, type) - check if the given cap is set
bool set_cap(cap, types, set) - set/remove the given cap
bool clear_caps() - remove all caps
string get_caps(type) - get a string containing all set caps
type can be one of caps.EFFECTIVE, caps.PERMITTED, caps.INHERITABLE.
types can be any combination (binary OR) of those flags.
FAQs
node.js wrapper for the libcap-ng POSIX capabilities library
The npm package posix-caps-ng receives a total of 1 weekly downloads. As such, posix-caps-ng popularity was classified as not popular.
We found that posix-caps-ng demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.