[ https://issues.apache.org/jira/browse/MESOS-9770?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16888455#comment-16888455 ]
James Peach commented on MESOS-9770: ------------------------------------ | https://reviews.apache.org/r/71106/ | | https://reviews.apache.org/r/70757/| | https://reviews.apache.org/r/71107/ | > Add no-new-privileges isolator. > ------------------------------- > > Key: MESOS-9770 > URL: https://issues.apache.org/jira/browse/MESOS-9770 > Project: Mesos > Issue Type: Improvement > Components: containerization > Reporter: James Peach > Assignee: Jacob Janco > Priority: Major > > To give security-minded operators more defense in depth, add a {{linux/nnp}} > isolator that sets the no-new-privileges bit before starting the executor. -- This message was sent by Atlassian JIRA (v7.6.14#76016)