On 15.04.19 21:59, Aleksa Sarai wrote: > Just spit-balling -- is no_new_privs not sufficient for this usecase?> Not granting privileges such as setuid during execve(2) is the main> point of that flag. Oh, I wasn't aware of that. Thanks. --mtx -- Enrico Weigelt, metux IT consult Free software and Linux embedded engineering info@xxxxxxxxx -- +49-151-27565287