lp://qastaging/~jdstrand/snap-confine/ubuntu-core-launcher.nnp-off
Created by
Jamie Strandboge
and last modified
- Get this branch:
- bzr branch lp://qastaging/~jdstrand/snap-confine/ubuntu-core-launcher.nnp-off
Only
Jamie Strandboge
can upload to this branch. If you are
Jamie Strandboge
please log in for upload directions.
Branch merges
Propose for merging
No branches
dependent on this one.
- Tyler Hicks (community): Abstain
- Seth Arnold: Needs Fixing
- Jamie Strandboge (community): Approve
-
Diff: 181 lines (+79/-15)5 files modifieddebian/changelog (+10/-0)
src/main.c (+27/-14)
src/seccomp.c (+35/-1)
tests/test_create_user_data (+4/-0)
tests/test_restrictions_working (+3/-0)
Branch information
Recent revisions
- 105. By Jamie Strandboge
-
no need to check getuid() and getgid() after only dropping euid
update comments - 104. By Jamie Strandboge
-
make priv dropping/raising errors more clear
adjust checks for when to raise/drop to work with sudo - 101. By Jamie Strandboge
-
old drop euid so we can raise privs for seccomp_load(), then drop permanently
- 99. By Jamie Strandboge
-
use seccomp_attr_set() to turn SCMP_FLTATR_CTL_NNP off
add comments for why turning off nnp is okTODO: the above only works for root, need to adjust privilege dropping for
non-root users - 97. By Jamie Strandboge
-
[ Jamie Strandboge ]
src/main.c: don't set the obsoleted SNAPP_APP_TMPDIR (LP: #1550405)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://qastaging/~snappy-dev/snap-confine/trunk