Information
ID: 362
PHID: PHID-TASK-n6p2gnpqia7hofexrswe
Author: HulaHoop
Status at Migration Time: resolved
Priority at Migration Time: Normal
Description
This will likely easily be possible once we’re based on #debian_version_9_codename_stretch.
Source:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760299
- Debian -- Package Search Results -- systemd
Once available, its a matter of adding whitelisted calls using SystemCallFilter= in a service unit file.
strace logs may help further debugging:
Worth checking out… Quote: Tails report for January, 2016
Change to systemd as init system and use it to:
- Sandbox many services using Linux namespaces and make them harder to exploit.
Comments
Patrick
2019-11-06 02:34:21 UTC