1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-24 21:34:08 +03:00

man: add link to kernel docs about no_new_privs

This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2017-11-19 11:58:45 +01:00
parent f56e7bfe2b
commit a6fabe384d

View File

@ -1448,7 +1448,11 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
<varname>RestrictAddressFamilies=</varname>, <varname>RestrictNamespaces=</varname>, <varname>RestrictAddressFamilies=</varname>, <varname>RestrictNamespaces=</varname>,
<varname>PrivateDevices=</varname>, <varname>ProtectKernelTunables=</varname>, <varname>PrivateDevices=</varname>, <varname>ProtectKernelTunables=</varname>,
<varname>ProtectKernelModules=</varname>, <varname>MemoryDenyWriteExecute=</varname>, or <varname>ProtectKernelModules=</varname>, <varname>MemoryDenyWriteExecute=</varname>, or
<varname>RestrictRealtime=</varname> are specified.</para></listitem> <varname>RestrictRealtime=</varname> are specified.</para>
<para>Also see
<ulink url="https://www.kernel.org/doc/html/latest/userspace-api/no_new_privs.html">No New Privileges Flag</ulink>.
</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>