Find a way to not need `CAP_SYS_ADMIN`

Question

dgtlmoon opened this issue a year ago · 2 comments

CAP_SYS_ADMIN is too powerful

Answer 1 · 2024-02-08T13:01:10.000Z

resolved with seccomp

Answer 2 · 2024-11-09T11:21:47.000Z

Could some more information be shared on how to limit the container's required privileges? What profile do you use?

In the changedetection-io docker-compose file the SYS_ADMIN capabilities are still listed. That seems a bit excessive.