-
Committer:
Simon Deziel
-
Date:
2016-04-21 21:58:04 UTC
-
Revision ID:
simon.deziel@gmail.com-20160421215804-570nk8b60bk77h8a
usr.sbin.sshd: deny net_admin that is not strictly required
Matthew Dawson explained why:
> sshd doesn't actually require the net_admin capability. libpam-systemd tries
> to use it if available to set the send/receive buffers size, but will fall
> back to a non-privileged version if it fails.
https://lists.ubuntu.com/archives/apparmor/2016-April/009586.html