diff options
author | LinkTed <link.ted@mailbox.org> | 2022-01-03 20:30:46 +0200 |
---|---|---|
committer | Mike Frysinger <vapier@gmail.com> | 2022-02-06 17:17:46 -0500 |
commit | 8115f3274eab06743603aec502ae311e3bf0724b (patch) | |
tree | 9b7dcd790b277237042385af4ad8414390077b0a /man | |
parent | 79e5edc1a3187ef63bed80fe4ecb05a898b68f00 (diff) |
linux: Add support for No New Privs flag
This add No New Privs flag for start-stop-daemon and supervise-daemon
by adding --no-new-privs flag. As a result, the user set the No New
Privs flag for the program should run with.
see PR_SET_NO_NEW_PRIVS prctl(2)
Diffstat (limited to 'man')
-rw-r--r-- | man/start-stop-daemon.8 | 2 | ||||
-rw-r--r-- | man/supervise-daemon.8 | 2 |
2 files changed, 4 insertions, 0 deletions
diff --git a/man/start-stop-daemon.8 b/man/start-stop-daemon.8 index aedbd0cb..257cad70 100644 --- a/man/start-stop-daemon.8 +++ b/man/start-stop-daemon.8 @@ -168,6 +168,8 @@ The format is the same as in cap_iab(3). Set the security-bits for the program. The numeric value of the security-bits can be found in <sys/secbits.h> header file. The format is the same as in strtoul(3). +.It Fl -no-new-privs +Set the No New Privs flag for the program. See PR_SET_NO_NEW_PRIVS prctl(2). .It Fl w , -wait Ar milliseconds Wait .Ar milliseconds diff --git a/man/supervise-daemon.8 b/man/supervise-daemon.8 index 799a791a..dcefe2ee 100644 --- a/man/supervise-daemon.8 +++ b/man/supervise-daemon.8 @@ -165,6 +165,8 @@ The format is the same as in cap_iab(3). Set the security-bits for the program. The numeric value of the security-bits can be found in <sys/secbits.h> header file. The format is the same as in strtoul(3). +.It Fl -no-new-privs +Set the No New Privs flag for the program. See PR_SET_NO_NEW_PRIVS prctl(2). .El .Sh ENVIRONMENT .Va SSD_IONICELEVEL |