non-setuid chrome-sandbox fails without sysctl kernel.unprivileged_userns_clone=1
Bug #1914786 reported by
Chris Patterson
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
snapd |
Triaged
|
Medium
|
Samuele Pedroni |
Bug Description
The browser-sandbox interface is intended to allow for sandboxed applications to run.
On Debian 10, and perhaps other distros where sysctl kernel.
Specifically, the following system call will fail:
clone(child_
The `teams` snap is a good example of this. As a user, there is no obvious indication what happened when the application fails to launch on Debian 10. Running sysctl kernel.
Related branches
~emitorino/review-tools:sec_mode_overrides_for_skype
- Alex Murray: Approve
- Samuele Pedroni: Pending requested
-
Diff: 12 lines (+1/-0)1 file modifiedreviewtools/overrides.py (+1/-0)
Changed in snapd: | |
assignee: | nobody → Samuele Pedroni (pedronis) |
Changed in snapd: | |
status: | New → Triaged |
importance: | Undecided → Medium |
importance: | Medium → High |
Changed in snapd: | |
importance: | High → Medium |
To post a comment you must log in.