lp:~mvo/snap-confine/drop-root-early-use-caps

Created by Michael Vogt and last modified
Get this branch:
bzr branch lp:~mvo/snap-confine/drop-root-early-use-caps
Only Michael Vogt can upload to this branch. If you are Michael Vogt please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Michael Vogt
Project:
snap-confine
Status:
Development

Recent revisions

45. By Michael Vogt

WIP use libcap/CAP_SYS_ADMIN for writing to devices.allow, drop root as early as possible

44. By Michael Vogt

src/main.c: document why we do not do setgroups()

43. By Michael Vogt

src/seccomp.c: clarify why its ok to ignore syscall_nr == __NR_SCMP_ERROR errors

42. By Michael Vogt

add path validation

41. By Michael Vogt

Do not drop suplementary groups, they are important for docker
and similar, mkay

40. By Michael Vogt

fix off-by-one error

39. By Michael Vogt

releasing package ubuntu-core-launcher version 0.2.4

38. By Michael Vogt

src/main.c: remove ()

37. By Michael Vogt

src/main.c: simplify execv() call

36. By Michael Vogt

fix TOCTOU issue in mkdir of the cgroups

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:~snappy-dev/snap-confine/trunk
This branch contains Public information 
Everyone can see this information.

Subscribers