Why It Matters

Linux capabilities such as cap_setuid and cap_sys_admin can grant elevated power through shared MCP launch paths.

What Triggers

SEC666 matches MCP command definitions that run setcap or include dangerous capability tokens such as cap_setuid, cap_setgid, cap_sys_admin, or cap_net_admin.

False Positives

Capability management may be intentional in privileged admin tooling, but it is still a sensitive host privilege change that merits explicit review.

Remediation

Remove Linux capability manipulation from the MCP config and keep capability assignment in a dedicated reviewed administrative path.