* Ben Hutchings: > - Since Linux 3.1 setuid() never fails because of the process limit. > Thus wheezy and jessie should be unaffected, even if there's some > flaw in the first two points. I think with user namespace support at least, setuid can allocate memory, which can fail. But it's of course more difficult to exploit.