From: | Peter Stuge <peter@×××××.se> | ||
---|---|---|---|
To: | gentoo-dev@l.g.o | ||
Subject: | Re: [gentoo-dev] RFC: enabling ipc-sandbox & network-sandbox by default | ||
Date: | Mon, 12 May 2014 17:00:40 | ||
Message-Id: | 20140512170031.24619.qmail@stuge.se | ||
In Reply to: | Re: [gentoo-dev] RFC: enabling ipc-sandbox & network-sandbox by default by Mike Gilbert |
1 | Mike Gilbert wrote: |
2 | > On Mon, May 12, 2014 at 12:46 PM, Ciaran McCreesh <ciaran.mccreesh@××××××××××.com> wrote: |
3 | > > Why, though? |
4 | > |
5 | > We should probably emit an error message advising the user to enable |
6 | > the kernel option or disable the network-sandbox feature. This should |
7 | > happen when we call unshare() and that fails with errno == EINVAL. |
8 | |
9 | Why? Because that would be a sensible error message. |
10 | |
11 | |
12 | //Peter |