# chroumium on gentoo-hardened CONFIG_GRKERNSEC breaks sandbox

## erg_samowzbudnik

Hi all,

compiling chromium-59.0.3071.104 I'm getting a warning:

CONFIG_GRKERNSEC breaks sandbox (bug #613668)

 * Please check to make sure these options are set correctly.

 * Failure to do so may cause unexpected problems.

I fail to find any info on this bug, should I be worried?

cheers

----------

## rob_dot_p

Grsec doesn't allow user namespaces.

You'll have to compile with the suid USE flag enabled.

running Chromium with CONFIG_GRKERNSEC and suid enabled:

https://i.imgur.com/hO7PPQR.png

----------

## erg_samowzbudnik

Thanks for prompt reply.

I did compile chromium with suid USE flag enabled though and yet got the warning.

What am I doing wrong?

----------

## Ant P.

Chromium always has the container-based sandbox enabled so you'll get that warning either way, it'll just fall back to the less secure suid one at runtime.

----------

## erg_samowzbudnik

Alright then, that explains it.

Thanks a lot

----------

