Hello! When I run the chromium (core20), chromium beta (core20) and brave (core18) snaps, I get the following info at about://sandbox
:
Sandbox Status
Layer 1 Sandbox Namespace
PID namespaces Yes
Network namespaces Yes
Seccomp-BPF sandbox Yes
Seccomp-BPF sandbox supports TSYNC Yes
Ptrace Protection with Yama LSM (Broker) Yes
Ptrace Protection with Yama LSM (Non-broker) No
I haven’t seen the last line about missing Ptrace Protection with other packaging formats (and have CONFIG_SECURITY_YAMA=y
in the kernel). Is a snap core issue the root cause (if it’s fixed in core22, what can I run to try it out)?