[Bug 82531] Nondumpable processes that are sandboxed with CLONE_NEWUSER can be ptraced from outside.
From: <hidden>
Date: 2014-08-21 19:05:29
Possibly related (same subject, not in this thread)
- 2016-03-13 · [Bug 82531] Nondumpable processes that are sandboxed with CLONE_NEWUSER can be ptraced from outside. · <hidden>
- 2015-06-14 · [Bug 82531] Nondumpable processes that are sandboxed with CLONE_NEWUSER can be ptraced from outside. · <hidden>
- 2015-06-13 · [Bug 82531] Nondumpable processes that are sandboxed with CLONE_NEWUSER can be ptraced from outside. · <hidden>
- 2015-06-13 · [Bug 82531] Nondumpable processes that are sandboxed with CLONE_NEWUSER can be ptraced from outside. · <hidden>
- 2015-06-13 · [Bug 82531] Nondumpable processes that are sandboxed with CLONE_NEWUSER can be ptraced from outside. · <hidden>
https://bugzilla.kernel.org/show_bug.cgi?id=82531 Alan [off-list ref] changed: What |Removed |Added ---------------------------------------------------------------------------- Component|Other |man-pages Assignee|other_other-ztI5WcYan/vzT1o0prF9pg@public.gmane.org |documentation_man-pages@ker |l.org |nel-bugs.osdl.org Product|Other |Documentation
--- Comment #3 from Alan <alan-qBU/x9rampVanCEyBjwyrvXRex20P6io@public.gmane.org> ---If I am outside the sandbox then I can equally patch the kernel if I have all the rights I need. You either need everything sandboxed or you need a trusted element (TPM, smartcard etc) to do the crunching and keep the secrets. I don't think the docs are unclear but I'll move it to man pages -- You are receiving this mail because: You are watching the assignee of the bug. -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org More majordomo info at http://vger.kernel.org/majordomo-info.html