Posts: 1,414 | Thanked: 7,547 times | Joined on Aug 2016 @ Estonia
#61
That could be a considerable roadblock for the older kernels out there. Looks like you fail at

Code:
  /* Never gain any more privs during exec */
  if (prctl (PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0)
    die_with_error ("prctl(PR_SET_NO_NEW_CAPS) failed");

PR_SET_NO_NEW_PRIVS, according to the manuals, was introduced in 3.5 kernels. So older kernels, including S2 and the several devices with 3.4, are a no-go, as far as I understand.

From looking around, it seems that there are backports available, though. See https://wiki.mozilla.org/Security/Sandbox/Seccomp and https://bugzilla.mozilla.org/show_bug.cgi?id=790923 referenced there. Cannot guarantee that it will work, though.

Note that there could be more backports available, I just took one of the first links.
 

The Following 3 Users Say Thank You to rinigus For This Useful Post:
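
An added example, not part of the post above and not code from the project it quotes: a runtime probe that tells a kernel without no_new_privs support apart from other prctl failures before a sandbox setup aborts. The `nnp_*` names are hypothetical, and the fallback constants (38 and 39, from linux/prctl.h) are only there for old userspace headers.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/prctl.h>

/* Fallbacks for old headers; values from linux/prctl.h. */
#ifndef PR_SET_NO_NEW_PRIVS
#define PR_SET_NO_NEW_PRIVS 38
#endif
#ifndef PR_GET_NO_NEW_PRIVS
#define PR_GET_NO_NEW_PRIVS 39
#endif

enum nnp_status { NNP_OK = 0, NNP_UNSUPPORTED = 1, NNP_ERROR = 2 };

/* Map a prctl() result to a status. With valid arguments, EINVAL means
   the kernel does not know the option (pre-3.5 without a backport). */
static enum nnp_status nnp_classify(int rc, int err)
{
    if (rc >= 0)
        return NNP_OK;
    return err == EINVAL ? NNP_UNSUPPORTED : NNP_ERROR;
}

/* Read-only probe: reports the current flag without changing it. */
static enum nnp_status nnp_probe(int *is_set)
{
    int rc = prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);
    if (rc >= 0 && is_set)
        *is_set = rc;
    return nnp_classify(rc, errno);
}

/* Set the flag: irreversible, inherited across fork and exec. */
static enum nnp_status nnp_enable(void)
{
    return nnp_classify(prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0), errno);
}

int main(void)
{
    int set = 0;
    enum nnp_status st = nnp_probe(&set);
    if (st == NNP_UNSUPPORTED) {
        fprintf(stderr, "no_new_privs unsupported: needs 3.5+ or a backport\n");
        return 1;
    }
    if (st == NNP_ERROR || nnp_enable() != NNP_OK) { perror("prctl"); return 2; }
    printf("no_new_privs enabled (was %d before)\n", set);
    return 0;
}
```

Running this on the target device before attempting the full sandbox shows whether the kernel, stock or backported, actually accepts the option.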