[strace/strace] Sudo effective user don't work with --seccomp-bpf (#126)

Dmitry V. Levin notifications at github.com
Wed Feb 26 00:53:07 UTC 2020


On Tue, Feb 25, 2020 at 04:48:27PM -0800, Dmytro Kolomoiets wrote:
> Can we have an insecure option with BIG RED WARNING then, and allow these new privilages for any code under strace if user wants this ?

Unprivileged process is not allowed by the kernel to install a seccomp filter until PR_SET_NO_NEW_PRIVS is set.


-- 
You are receiving this because you commented.
Reply to this email directly or view it on GitHub:
https://github.com/strace/strace/issues/126#issuecomment-591175467
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20200226/3df835bc/attachment.html>


More information about the Strace-devel mailing list