On 12/4/22 10:07, Helge Kreutzmann wrote:
Without further ado, the following was found: Issue: Text missing? in order to drop → in order to drop privileges?
From what I read, I think it wanted to say "drop groups". Fixed. Thanks! Cheers, Alex
"/* Linux 3.19 made a change in the handling of setgroups(2) and the\n" " \\(aqgid_map\\(aq file to address a security issue. The issue allowed\n" " *unprivileged* users to employ user namespaces in order to drop\n" " The upshot of the 3.19 changes is that in order to update the\n" " \\(aqgid_maps\\(aq file, use of the setgroups() system call in this\n" " user namespace must first be disabled by writing \"deny\" to one of\n" " the /proc/PID/setgroups files for this namespace. That is the\n" " purpose of the following function. */\n"
-- <http://www.alejandro-colomar.es/>
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
