diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-03-01 12:40:35 +0100 |
---|---|---|
committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-03-01 12:40:35 +0100 |
commit | ff0cb00535159bd9b4bb78d618df2f74b0663636 (patch) | |
tree | bf6bc7f313eda017e77930a555bdb1c9fdfa691e /src | |
parent | Add ./configure --enable-force-nonewprivs (diff) | |
download | firejail-ff0cb00535159bd9b4bb78d618df2f74b0663636.tar.gz firejail-ff0cb00535159bd9b4bb78d618df2f74b0663636.tar.zst firejail-ff0cb00535159bd9b4bb78d618df2f74b0663636.zip |
Clarify enforce_filters message
The current message misses the info that nnp and nogroups is applied
too. The new mentions nnp too, but is very long. If anyone has a better
wording, say it.
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/sandbox.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index e320e77f9..f1ab895db 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -594,7 +594,7 @@ static void enforce_filters(void) { | |||
594 | force_nonewprivs = 1; | 594 | force_nonewprivs = 1; |
595 | 595 | ||
596 | // disable all capabilities | 596 | // disable all capabilities |
597 | fmessage("\n** Warning: dropping all Linux capabilities **\n\n"); | 597 | fmessage("\n** Warning: dropping all Linux capabilities and setting NO_NEW_PRIVS prctl **\n\n"); |
598 | arg_caps_drop_all = 1; | 598 | arg_caps_drop_all = 1; |
599 | 599 | ||
600 | // drop all supplementary groups; /etc/group file inside chroot | 600 | // drop all supplementary groups; /etc/group file inside chroot |