Dropping sesandbox support
by Sven Vermeulen, post on Fri 09 May 2014A vulnerability in
seunshare,
part of policycoreutils
, came to light recently (through bug
509896). The issue is
within libcap-ng
actually, but the specific situation in which the
vulnerability can be exploited is only available in seunshare
.
Now, seunshare
is not built by default on Gentoo. You need to define
USE …