On Mon, Jul 10, 2017 at 4:25 PM, Stephen Smalley wrote:
> As systemd ramps up enabling NoNewPrivileges (either explicitly in
> service unit files or as a side effect of other security-related
> settings in service unit files), we're increasingly running afoul of
> its
On Tue, Jul 11, 2017 at 04:23:29PM -0400, Stephen Smalley wrote:
> On Tue, 2017-07-11 at 22:10 +0200, Dominick Grift wrote:
> > On Tue, Jul 11, 2017 at 10:05:36PM +0200, Dominick Grift wrote:
> > > On Tue, Jul 11, 2017 at 03:52:52PM -0400, Stephen Smalley wrote:
> > > > On Mon, 2017-07-10 at 16:25
On Tue, 2017-07-11 at 22:10 +0200, Dominick Grift wrote:
> On Tue, Jul 11, 2017 at 10:05:36PM +0200, Dominick Grift wrote:
> > On Tue, Jul 11, 2017 at 03:52:52PM -0400, Stephen Smalley wrote:
> > > On Mon, 2017-07-10 at 16:25 -0400, Stephen Smalley wrote:
> > > > As systemd ramps up enabling
On Tue, Jul 11, 2017 at 10:05:36PM +0200, Dominick Grift wrote:
> On Tue, Jul 11, 2017 at 03:52:52PM -0400, Stephen Smalley wrote:
> > On Mon, 2017-07-10 at 16:25 -0400, Stephen Smalley wrote:
> > > As systemd ramps up enabling NoNewPrivileges (either explicitly in
> > > service unit files or as a
On Tue, Jul 11, 2017 at 03:52:52PM -0400, Stephen Smalley wrote:
> On Mon, 2017-07-10 at 16:25 -0400, Stephen Smalley wrote:
> > As systemd ramps up enabling NoNewPrivileges (either explicitly in
> > service unit files or as a side effect of other security-related
> > settings in service unit
On Mon, 2017-07-10 at 16:25 -0400, Stephen Smalley wrote:
> As systemd ramps up enabling NoNewPrivileges (either explicitly in
> service unit files or as a side effect of other security-related
> settings in service unit files), we're increasingly running afoul of
> its interactions with SELinux.
On Mon, Jul 10, 2017 at 10:18 AM, Eric W. Biederman
wrote:
> Kees Cook writes:
>
>> On Mon, Jul 10, 2017 at 1:57 AM, Eric W. Biederman
>> wrote:
>>> Kees Cook writes:
>>>
There are several places