/proc/self/setgroups write should be conditional

[kmcallister]

On my kernel this file doesn't exist and can't be created.

Linux rustmouth 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt2-1 (2014-12-08) x86_64 GNU/Linux

[mstewartgallus]

Then isn't your kernel insecure and should be upgraded immediately‽

[lucab]

No, if I remember correctly, not having it is fine if the kernel does not support userns. See https://security-tracker.debian.org/tracker/CVE-2014-8989 for this specific case.