Since Linux v4.9, drop USER_NS attack surface with /proc/sys/user/max_user_namespaces = 0 https://git.kernel.org/linus/f6b2db1a3e8d141dd144df58900fb0444d5d7c53 … https://lwn.net/Articles/673597/ …
-
Almost as if someone is deliberately missing the point
-
Yep :-/ Why is it like that? Anyway, in #systemd we implemented "RestrictNamespaces=" https://www.freedesktop.org/software/systemd/man/systemd.exec.html … per-service and inherited...