Copilot commented on code in PR #12908:
URL: https://github.com/apache/trafficserver/pull/12908#discussion_r2843200233
##########
src/tscore/ink_cap.cc:
##########
@@ -273,7 +273,7 @@ RestrictCapabilities()
cap_t caps_orig = cap_get_proc();
// Capabilities we need.
- cap_value_t perm_list[] = {CAP_NET_ADMIN, CAP_NET_BIND_SERVICE,
CAP_IPC_LOCK, CAP_DAC_OVERRIDE, CAP_FOWNER};
+ cap_value_t perm_list[] = {CAP_NET_ADMIN, CAP_NET_BIND_SERVICE,
CAP_IPC_LOCK, CAP_DAC_OVERRIDE, CAP_FOWNER, CAP_CHOWN};
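Review bot: CAP_CHOWN is appended to perm_list in RestrictCapabilities() with no note on which caller needs it, and the "// Capabilities we need." comment above the list is left unchanged. CAP_CHOWN allows arbitrary changes to file owner and group, and this list retains it unconditionally, so the process keeps that ability whether or not anything uses it. Suggest naming the consumer in a comment next to the new entry, and retaining the capability only when the feature that needs it is enabled.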
Review Comment:
Adding CAP_CHOWN to the permitted set without a corresponding privilege
level in the ElevateAccess class makes it effectively unusable. Currently,
ElevateAccess supports FILE_PRIVILEGE (maps to CAP_DAC_OVERRIDE),
OWNER_PRIVILEGE (maps to CAP_FOWNER), TRACE_PRIVILEGE (maps to CAP_SYS_PTRACE),
and LOW_PORT_PRIVILEGE. To actually use CAP_CHOWN, you need to either:
1. Add a new privilege level (e.g., CHOWN_PRIVILEGE = 0x10u) to the
ElevateAccess class in include/tscore/ink_cap.h
2. Update the acquirePrivilege() function in src/tscore/ink_cap.cc to handle
this new privilege level by elevating CAP_CHOWN to the effective set
Without these changes, CAP_CHOWN will remain in the permitted set but cannot
be elevated to the effective set, making it impossible for plugins to use
fchown() as described in the PR description.
```suggestion
cap_value_t perm_list[] = {CAP_NET_ADMIN, CAP_NET_BIND_SERVICE,
CAP_IPC_LOCK, CAP_DAC_OVERRIDE, CAP_FOWNER};
```
##########
src/tscore/ink_cap.cc:
##########
@@ -273,7 +273,7 @@ RestrictCapabilities()
cap_t caps_orig = cap_get_proc();
// Capabilities we need.
- cap_value_t perm_list[] = {CAP_NET_ADMIN, CAP_NET_BIND_SERVICE,
CAP_IPC_LOCK, CAP_DAC_OVERRIDE, CAP_FOWNER};
+ cap_value_t perm_list[] = {CAP_NET_ADMIN, CAP_NET_BIND_SERVICE,
CAP_IPC_LOCK, CAP_DAC_OVERRIDE, CAP_FOWNER, CAP_CHOWN};
Review Comment:
This line exceeds the maximum line length of 132 characters (currently 143
characters). According to the C++ style guidelines for this repository, lines
should not exceed 132 characters. Consider breaking this into multiple lines or
using a more compact formatting.
--
This is an automated message from the Apache Git Service.