NEWS
- handle user does not exist
- report when run as non-privileged user (can't change user)
What is one way?
A tool to drop privileges in a non-reversible way (ex. for docker entry-points)
It uses Linux kernel system call prctl
with PR_SET_NO_NEW_PRIVS
to achieve this
There is no way to gain privileges again, even with setuid
binaries