Outdated docs on "Ubuntu security tips" for seccomp
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Snappy |
Fix Released
|
Low
|
Graham Morrison |
Bug Description
The Ubuntu security tips doc has outdated information:
"The same process as above holds for seccomp except the seccomp policy is in /var/lib/
As covered in https:/
Furthermore, it's wrong to say that the seccomp profile doesn't need to be explicitly loaded. The profile source (the *.src file in the profile directory) needs to be recompiled into the profile binary (*.bin in the profile directory) as detailed in this Snapcraft forum post: https:/
Changed in snappy: | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
status: | New → Confirmed |
importance: | Undecided → Low |
This should be covered by the new https:/ /forum. snapcraft. io/t/debugging- snaps/18420 doc and the revamped https:/ /forum. snapcraft. io/t/security- policy- and-sandboxing/ 554 which refers to it. Thanks Graham!