reberhardt7 / cplayground

GNU General Public License v3.0

Don't add CAP_SYS_PTRACE to containers #39

Closed glen3b closed 4 years ago

glen3b commented 4 years ago

Docker, on recent kernel versions, whitelists the syscall without necessitating the add-dangerous-permission flag. Courtesy of this blog post.

Addresses #31. While this is the most important change on that front, I'm leaving that issue, per discussion with @reberhardt7, for discussion of the possibility that we can add a syscall filter to the user code to prevent the ptrace syscall entirely (as opposed to just the high-privilege 'ptrace anything' capability). It's a lower-priority issue now.
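One way to confirm that a container no longer carries the capability is to read the `Cap*` masks in `/proc/<pid>/status` and test bit 19 (CAP_SYS_PTRACE). This is an added example, not code from this pull request or from cplayground; the function names are hypothetical and the three status excerpts are constructed samples.

```python
# Added example: checks /proc/<pid>/status text for CAP_SYS_PTRACE.
# The status excerpts below are constructed samples, not cplayground output.
CAP_SYS_PTRACE = 19  # bit number defined in linux/capability.h
CAP_FIELDS = ("CapInh", "CapPrm", "CapEff", "CapBnd", "CapAmb")
REQUIRED = ("CapPrm", "CapEff", "CapBnd")  # CapAmb is absent on older kernels


def parse_cap_sets(status_text):
    """Return {field: mask} for the Cap* lines of a /proc/<pid>/status dump."""
    sets = {}
    for line in status_text.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip() in CAP_FIELDS:
            sets[name.strip()] = int(value.strip(), 16)
    return sets


def ptrace_cap_findings(status_text):
    """List the capability sets that contain CAP_SYS_PTRACE.

    Fails closed: a dump without the required fields raises instead of
    being reported as clean.
    """
    sets = parse_cap_sets(status_text)
    missing = [f for f in REQUIRED if f not in sets]
    if missing:
        raise ValueError("status dump lacks fields: " + ", ".join(missing))
    bit = 1 << CAP_SYS_PTRACE
    return [f for f in CAP_FIELDS if sets.get(f, 0) & bit]


def _status(prm, eff, bnd):
    # Build a constructed status excerpt in the kernel's "Name:\tvalue" layout.
    rows = [("Name", "a.out"), ("CapInh", "0" * 16), ("CapPrm", prm),
            ("CapEff", eff), ("CapBnd", bnd), ("CapAmb", "0" * 16)]
    return "".join(f"{k}:\t{v}\n" for k, v in rows)


# Constructed: root process in a container with Docker's default capability set.
DEFAULT_CAPS = _status("00000000a80425fb", "00000000a80425fb", "00000000a80425fb")
# Constructed: same container started with --cap-add=SYS_PTRACE (bit 19 set).
CAP_ADDED = _status("00000000a80c25fb", "00000000a80c25fb", "00000000a80c25fb")
# Constructed: non-root process, capability still present in the bounding set.
NONROOT_CAP_ADDED = _status("0" * 16, "0" * 16, "00000000a80c25fb")

if __name__ == "__main__":
    for label, text in (("default", DEFAULT_CAPS), ("cap-add", CAP_ADDED),
                        ("non-root cap-add", NONROOT_CAP_ADDED)):
        print(label, ptrace_cap_findings(text) or "CAP_SYS_PTRACE absent")
```

The third sample is the case worth watching: an unprivileged process shows empty effective and permitted sets, but a bounding set that still holds the capability means it can be regained across `execve` of a privileged binary.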

glen3b commented 4 years ago

I'm not really sure what's happening with the CI failures here, do you know?

reberhardt7 commented 4 years ago

Looks like it was some problem on GitHub's end. I reran CI and it worked fine this time.