Stop making /usr/bin/bwrap setuid root (!2) · Merge requests · Debian / bubblewrap

Merged Simon McVittie requested to merge wip/not-setuid into debian/latest 4 years ago

Jan 01, 2021

Stop making /usr/bin/bwrap setuid root · 245de437

Simon McVittie authored 4 years ago

With Debian kernels >= 5.10, this is no longer necessary: unprivileged
users can now create user namespaces, the same as in upstream kernels
and Ubuntu.

For smooth upgrades, install a sysctl configuration fragment that will
configure older kernels to behave similarly if the recommended procps
package is installed.

Closes: #977758
Closes: #977841

245de437

Stop making /usr/bin/bwrap setuid root

Merge request reports

Activity