Control: retitle -1 Misleading documentation about NoNewPrivileges and UID changes
Control: tag -1 + upstream
Hi,
Ansgar Burchardt wrote (31 Jul 2014 09:53:21 GMT) :
It works as intended, but the documentation might be a bit misleading.
NoNewPrivileges only affects the exec syscall which will
Hi again,
Ansgar Burchardt wrote (31 Jul 2014 10:04:52 GMT) :
Oh, and one other thing that might be worth mentioning in this context:
| Be careful, though: LSMs might also not tighten constraints on exec
| in no_new_privs mode. (This means that setting up a general-purpose
| service
Processing commands for cont...@bugs.debian.org:
forwarded 756604 https://bugs.freedesktop.org/show_bug.cgi?id=81959
Bug #756604 [systemd] Misleading documentation about NoNewPrivileges and UID changes
Set Bug forwarded-to-address to 'https://bugs.freedesktop.org/show_bug.cgi?id=81959'.
Package: systemd
Version: 44-11+deb7u4
Severity: normal
Today I had a server fail to restart when I ran the reboot command. When I
got to it I saw the following on the console:
Could not remount as read-only /: Device or resource busy
Not all file systems unmounted, 1 left.
Cannot finalize