Add a release note for the build-dir hardening

2024-09-19 10:50:24 -04:00 · 2024-04-09 10:48:05 +02:00 · 2024-04-09 10:48:05 +02:00 · 38822ce6d7
parent 3481a9c41d
commit 38822ce6d7
1 changed files with 8 additions and 0 deletions
--- a/doc/manual/rl-next/harden-user-sandboxing.md
+++ b/doc/manual/rl-next/harden-user-sandboxing.md
@ -0,0 +1,8 @@
+---
+synopsis: Harden the user sandboxing
+significance: significant
+issues:
+prs: <only provided once merged>
+---
+
+The build directory has been hardened against interference with the outside world by nesting it inside another directory owned by (and only readable by) the daemon user.