From 88d7ad15a98d967627649b1a26752720e71d8a53 Mon Sep 17 00:00:00 2001
From: TKostrzewski <thomas_kostrzewski@hotmail.com>
Date: Mon, 14 Jul 2025 16:26:01 +0100
Subject: [PATCH] feat(capabilities): add workaround for low-privileged users
 when trying to set the CAP_SETUID capability on the copied binaries

---
 _data/functions.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/_data/functions.yml b/_data/functions.yml
index 8e5406df..110eb919 100644
--- a/_data/functions.yml
+++ b/_data/functions.yml
@@ -58,7 +58,7 @@ sudo:
 
 capabilities:
   label: Capabilities
-  description: If the binary has the Linux `CAP_SETUID` capability set or it is executed by another binary with the capability set, it can be used as a backdoor to maintain privileged access by manipulating its own process UID.
+  description: If the binary has the Linux `CAP_SETUID` capability set or it is executed by another binary with the capability set, it can be used as a backdoor to maintain privileged access by manipulating its own process UID. The `getcap -r / 2>/dev/null | grep cap_setuid` command will give the locations of the original binaries that have the `CAP_SETUID` capability set already, in case your user is too low-privileged to set the capability on the copied binary.
 
 limited-suid:
   label: Limited SUID