0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #18968 from justincormack/stime

Browse source 
Block stime in default seccomp profile
This commit is contained in:
Arnaud Porterie 2015-12-29 10:07:40 -08:00
commit 294336a1af
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
daemon/execdriver/native/seccomp_default.go
View file

@ -280,6 +280,12 @@ var defaultSeccompProfile = &configs.Seccomp{
Action: configs.Errno, Action: configs.Errno,
Args: []*configs.Arg{}, Args: []*configs.Arg{},
}, },
{
// Time/Date is not namespaced
Name: "stime",
Action: configs.Errno,
Args: []*configs.Arg{},
},
{ {
// Deny start/stop swapping to file/device // Deny start/stop swapping to file/device
Name: "swapon", Name: "swapon",