idea: fingerprint unshare and nsenter paths

shoenig / nomad-pledge-driver

Nomad task driver capable of blocking unwanted syscall and filesystem access. Based on the pledge utility for Linux by Justine Tunney

Mozilla Public License 2.0

22 stars 2 forks source link

Closed shoenig closed 1 year ago

shoenig commented 1 year ago

We should detect if unshare and/or nsenter are not finadable on $PATH, and set the plugin status to unhealthy if they are not found.