From ff0cb00535159bd9b4bb78d618df2f74b0663636 Mon Sep 17 00:00:00 2001
From: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
Date: Mon, 1 Mar 2021 12:40:35 +0100
Subject: Clarify enforce_filters message

The current message misses the info that nnp and nogroups is applied
too. The new mentions nnp too, but is very long. If anyone has a better
wording, say it.
---
 src/firejail/sandbox.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index e320e77f9..f1ab895db 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -594,7 +594,7 @@ static void enforce_filters(void) {
 	force_nonewprivs = 1;
 
 	// disable all capabilities
-	fmessage("\n**     Warning: dropping all Linux capabilities     **\n\n");
+	fmessage("\n**     Warning: dropping all Linux capabilities and setting NO_NEW_PRIVS prctl     **\n\n");
 	arg_caps_drop_all = 1;
 
 	// drop all supplementary groups; /etc/group file inside chroot
-- 
cgit v1.2.3-70-g09d2