Disconnect3d

I think adding libc argument makes sense, but the way it is proposed in this PR does not work. @ghsi10 have you tested your change at all? With your change,...

FWIW this issue or vulnerability was introduced in 12.0.0. Old versions of otplib defaulted to 20 bytes of randomness for OTP secret generation. See: * https://github.com/yeojz/otplib/blob/v11.0.1/packages/otplib-authenticator/Authenticator.js#L82-L96 Vs: * https://github.com/yeojz/otplib/blob/v12.0.0/packages/otplib-core/src/authenticator.ts#L265-L267 An...

For what is worth, the old version of the lib also has a quirk/bug/vulnerability where in practice it defaults to 15 and not to 20 bytes of entropy. Let's look...

Hey, > chal is basically an echo server and: > nsjail -Ml --port 50085 doesn't "stand well". As it is described in the nsjail `--help` examples: ``` Examples: Wait on...

That's great idea. It would be nice if we have an option to display them in nsjail. PS: I think you forgot to push your tool sources to your repo...

> [E][2021-07-19T20:13:00+0100][5543] bool subproc::runChild(nsjconf_t*, int, int, int)():455 nsjail tried to use the CLONE_NEWCGROUP clone flag, which is supported under kernel versions >= 4.6 only. Try disabling this flag: Invalid argument...

If u want an example where we sandboxed a Python app for a CTF challenge, exposed on a port, see https://github.com/justcatthefish/justctf-2020/blob/master/challenges/pwn_mylittlepwny/private/private/nsjail.cfg and the upper dir etc.

Can you show your `mounts` or at least `mount | grep cgroup`? Also, this isn't in a Docker container is it?

EDIT: below you can see some diagnosis of your issues, but I am wondering: is there any particular reason you want to use nsjail with cgroups v2 instead of v1?...

@robertswiecki with what we see above, I guess we could improve nsjail UX by: 1. Inspecting the `/cgroup.controllers` file and erroring out with a nice log that one has to...