(no title)
Bu9818
|
2 years ago
The vast majority of services and user programs don't need to escalate privileges by invoking SUID/SGID binaries. no_new_privs should be used on them so that the "setuid with libc/LD programs" security boundary is avoided.
No comments yet.