Check for incompatible/incomplete options #3

Yeni Konu

crtxcr · 2020-09-26T13:03:57+02:00

crtxcr

2020-09-26 13:03:57 +02:00

yorum yaptı

Sahibi

Currenlty, no_new_privs can be 0 and seccomp filtering enabled, causing prctl to fail

Possible solutions:

Silently enable no_new_privs when seccomp filter given (probably not)
Check for this and drop out with an error message. Check other combinations like this.

Same problem with chroot and namespaces options

Currenlty, no_new_privs can be 0 and seccomp filtering enabled, causing prctl to fail Possible solutions: 1) Silently enable no_new_privs when seccomp filter given (probably not) 2) Check for this and drop out with an error message. Check other combinations like this. Same problem with chroot and namespaces options

crtxcr başlığı ~~Check for no_new_privs required for seccomp filtering~~ iken Check for no_new_privs for seccomp filtering olarak 2020-09-26 13:04:04 +02:00 değiştirdi

crtxcr başlığı ~~Check for no_new_privs for seccomp filtering~~ iken Check for incompatible/incomplete options olarak 2020-09-26 16:20:15 +02:00 değiştirdi

crtxcr

2021-05-09 12:57:57 +02:00

işlemesinde bu konuyu işaret etti

Begin check_policy_sanity(): Checks whether policy is reasonable

crtxcr

2021-05-09 13:00:02 +02:00

işlemesinde bu konuyu işaret etti

Begin check_policy_sanity(): Checks whether policy is reasonable

Bu konuşmaya katılmak için oturum aç.