Affected by GO-2026-4883 and 4 other vulnerabilities

GO-2026-4883: Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker

GO-2026-4887: Moby has AuthZ plugin bypass when provided oversized request bodies in github.com/docker/docker

GO-2026-5617: Docker: Race condition in docker cp allows bind mount redirection to host path in github.com/docker/docker

GO-2026-5668: Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap in github.com/docker/docker

GO-2026-5746: Docker: `PUT /containers/{id}/archive` executes container binary on the host in github.com/docker/docker

caps

package

v28.2.0-rc.2+incompatible Latest Latest Go to latest Published: May 22, 2025 License: Apache-2.0 Imports: 7 Imported by: 242

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/docker/docker

Links

Documentation ¶

Rendered for

Index ¶

func DefaultCapabilities() []string
func GetAllCapabilities() []string
func NormalizeLegacyCapabilities(caps []string) ([]string, error)
func TweakCapabilities(basics, adds, drops []string, privileged bool) ([]string, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DefaultCapabilities ¶

func DefaultCapabilities() []string

DefaultCapabilities returns a Linux kernel default capabilities

func GetAllCapabilities ¶

func GetAllCapabilities() []string

GetAllCapabilities returns all capabilities that are available in the current environment.

func NormalizeLegacyCapabilities ¶

func NormalizeLegacyCapabilities(caps []string) ([]string, error)

NormalizeLegacyCapabilities normalizes, and validates CapAdd/CapDrop capabilities by upper-casing them, and adding a CAP_ prefix (if not yet present).

This function also accepts the "ALL" magic-value, that's used by CapAdd/CapDrop.

func TweakCapabilities ¶

func TweakCapabilities(basics, adds, drops []string, privileged bool) ([]string, error)

TweakCapabilities tweaks capabilities by adding, dropping, or overriding capabilities in the basics capabilities list.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL