0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #18956 from justincormack/umount

Browse source 
Block original umount syscall in default seccomp filter
This commit is contained in:
Arnaud Porterie 2015-12-29 10:19:04 -08:00
commit a32b06b067
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
daemon/execdriver/native/seccomp_default.go
View file

@ -316,6 +316,12 @@ var defaultSeccompProfile = &configs.Seccomp{
Action: configs.Errno,
Args: []*configs.Arg{},
},
{
// Deny umount
Name: "umount",
Action: configs.Errno,
Args: []*configs.Arg{},
},
{
// Deny umount
Name: "umount2",