People will use the equivalent of audit2allow

yorwba • last Saturday at 5:06 PM • 1 reply • view on HN

People will use the equivalent of audit2allow https://linux.die.net/man/1/audit2allow and not go the extra mile of defining fine-grained capabilities to reduce the attack surface to a minimum.

Replies

sitkack • last Saturday at 7:30 PM

    {
        "permissions": {
            "allow": [
            "Bash(bash:*)",
            ],
            "deny": []
        }
    }

alt Hacker News

Replies