sbbs binary: Debian Linux AARCH64 sigfault or permission denied

BBS:      TELESC.NET.BR
Assunto:  sbbs binary: Debian Linux AARCH64 sigfault or permission denied
De:       Deucе
Data:     Fri, 27 Feb 2026 06:33:13 -0800
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/issues/685#note_8455

AI tells me this:

**1. Seccomp Permission**  
The default Docker Seccomp Profile returns EPERM (Operation not permitted) for personality() unless it is called with specific, safe flags (like those used for uname emulation). ADDR_COMPAT_LAYOUT is generally not in this "safe" allowlist.  
_Recommendation:_ Use --security-opt seccomp=unconfined to verify if this is the only blocker.  
_Production Fix:_ Create a Custom Seccomp Profile that adds personality to the syscalls allowlist without restrictions on the arguments. 

**2. Capabilities**  
While some personality() flags are unprivileged, modifying the memory layout of a process can sometimes be gated by CAP_SYS_ADMIN depending on the specific kernel version and architecture-specific security patches.  
_Requirement:_ Add the capability using --cap-add=SYS_ADMIN.
--- SBBSecho 3.37-Linux
 * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

-----------------------------------------------------------
[Voltar]