diff options
author | smitsohu <smitsohu@gmail.com> | 2020-08-17 16:38:47 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2020-08-17 16:38:47 +0200 |
commit | 515f3440439fa8c70e5e517b529cdc994845f6ec (patch) | |
tree | e6f59a204b6f700dfd2445a0b5adc76ad7894de0 /test/network/net_none.exp | |
parent | firejail: don't pass command line through shell when redirecting output (diff) | |
download | firejail-515f3440439fa8c70e5e517b529cdc994845f6ec.tar.gz firejail-515f3440439fa8c70e5e517b529cdc994845f6ec.tar.zst firejail-515f3440439fa8c70e5e517b529cdc994845f6ec.zip |
hardening: run plugins with dumpable flag cleared
the kernel clears the dumpable flag if a user has no read permission on an
executable and it is owned by another user; I omitted faudit, fbuilder and
ftee for now as they are not used to configure the sandbox itself, and as
this commit is going to complicate debugging efforts to some extent
Diffstat (limited to 'test/network/net_none.exp')
0 files changed, 0 insertions, 0 deletions