[
https://issues.apache.org/jira/browse/TS-338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12864839#action_12864839
]
Leif Hedstrom commented on TS-338:
----------------------------------
I think George had started work on this, but can't remember which bug it was
on. As you pointed out, it wasn't particularly cross-platform / safe, so
definitely need to support both methods.
> Use POSIX capabilities instead of user ID switching.
> ----------------------------------------------------
>
> Key: TS-338
> URL: https://issues.apache.org/jira/browse/TS-338
> Project: Traffic Server
> Issue Type: Improvement
> Components: Security
> Affects Versions: 2.0.0
> Reporter: Alan M. Carroll
> Priority: Minor
>
> Instead of switching the user id around (via seteuid() and the like), use
> POSIX capabilities to retain the appropriate privileges as a non-root user.
> This will have to be done as an optional feature because while modern Linux
> kernels are compliant, older kernels may not be and the compliance status of
> other operating systems (e.g. BSD) is unclear.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
