Adding /proc/timer_list to the masked paths list

/proc/timer_list seems to leak information about the host. Here is
an example from a busybox container running on docker+kubernetes.

 # cat /proc/timer_list | grep -i -e kube
 <ffff8800b8cc3db0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kubelet/2497
 <ffff880129ac3db0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kube-proxy/3478
 <ffff8800b1b77db0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kube-proxy/3470
 <ffff8800bb6abdb0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kubelet/2499

Signed-Off-By: Davanum Srinivas <davanum@gmail.com>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Davanum Srinivas 9 years ago
parent
commit
03bd00b68f
1 changed file with 1 addition and 0 deletions

+ 1 - 0
oci/defaults_linux.go

@@ -81,6 +81,7 @@ func DefaultSpec() specs.Spec {
 		MaskedPaths: []string{
 			"/proc/kcore",
 			"/proc/latency_stats",
+			"/proc/timer_list",
 			"/proc/timer_stats",
 			"/proc/sched_debug",
 		},
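
Review bot: the new "/proc/timer_list" entry in MaskedPaths comes with no test, and the commit touches only oci/defaults_linux.go, so nothing checks that a container created from DefaultSpec() can no longer read the file. Consider adding an integration test that starts a container with the default spec and asserts that reading /proc/timer_list yields none of the host task names shown in the commit message (for example the kubelet and kube-proxy entries). A short comment above the list stating that these paths expose host-wide kernel state would also help whoever next has to decide whether another /proc file belongs here.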