What are useful resources to read about re: gotchas with CapAmb/CapInh when setuid binaries are possible (can't set NO_NEW_PRIVS)?
so that should mean that there are no gotchas security-wise, although it might be an issue functionality-wise
-
-
The binaries are not setuid, but rather have SELinux rules to change domains on exec. Ping me internally <3
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.