Check for incompatible/incomplete options #3

Nytt Ärende

crtxcr · 2020-09-26T13:03:57+02:00

crtxcr kommenterad

2020-09-26 13:03:57 +02:00

Ägare

Currenlty, no_new_privs can be 0 and seccomp filtering enabled, causing prctl to fail

Possible solutions:

Silently enable no_new_privs when seccomp filter given (probably not)
Check for this and drop out with an error message. Check other combinations like this.

Same problem with chroot and namespaces options

Currenlty, no_new_privs can be 0 and seccomp filtering enabled, causing prctl to fail Possible solutions: 1) Silently enable no_new_privs when seccomp filter given (probably not) 2) Check for this and drop out with an error message. Check other combinations like this. Same problem with chroot and namespaces options

crtxcr ändrade titeln från ~~Check for no_new_privs required for seccomp filtering~~ till Check for no_new_privs for seccomp filtering

2020-09-26 13:04:04 +02:00

crtxcr ändrade titeln från ~~Check for no_new_privs for seccomp filtering~~ till Check for incompatible/incomplete options

2020-09-26 16:20:15 +02:00

crtxcr refererade till detta ärende från en incheckning

2021-05-09 12:57:57 +02:00

Begin check_policy_sanity(): Checks whether policy is reasonable

crtxcr refererade till detta ärende från en incheckning

2021-05-09 13:00:02 +02:00

Begin check_policy_sanity(): Checks whether policy is reasonable

Logga in för att delta i denna konversation.