Based on recent libcap2 update
1: (Short option): getpcaps
Description:
From here:
getpcaps displays the capabilities on the processes indicated by the
pid value(s) given on the command line.
Example:
$ getpcaps <PID>
PID: = cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_net_raw,cap_sys_chroot,cap_mknod,cap_audit_write,cap_setfcap+i
2: (A bit longer option): /proc status and capsh
Description:
proc is a process information pseudo-filesystem or in other words – a directory where you can view information on all processes.
About capsh:
Linux capability support and use can be explored and constrained with
this tool. This tool provides a handy wrapper for certain types of
capability testing and environment creation.
It also provides
some debugging features useful for summarizing capability state.
Example:
$ cat /proc/<PID>/status | grep Cap
And you’ll get (on most systems):
CapInh: 00000000a80425fb (Inherited capabilities)
CapPrm: 0000000000000000 (Permitted capabilities)
CapEff: 0000000000000000 (Effective capabilities)
CapBnd: 00000000a80425fb (Bounding set)
CapAmb: 000000000000000 (Ambient capabilities set)
Use the capsh utility to decode from hexadecimal numbers into the capabilities name:
capsh --decode=00000000a80425fb
0x00000000a80425fb=cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_net_bind_service,cap_net_raw,cap_sys_chroot,cap_mknod,cap_audit_write,cap_setfcap
(*) You can download capsh with: sudo apt-get install git libpcap-dev.