We use cookies to ensure you get the best experience on our website
Startsida Utforska Hjälp
Registrera dig Logga in
0ct0pu5
/
moby
1
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Bläddra i källkod

seccomp: add name_to_handle_at to allowlist

Based on the analysis on [the previous PR][1].

  [1]: https://github.com/moby/moby/pull/45766#pullrequestreview-1493908145

Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com>
Bjorn Neergaard 2 år sedan
förälder
a78c06e3f0
incheckning
b335e3d305
2 ändrade filer med 2 tillägg och 0 borttagningar
Delad Vy Visa Diff Statistik
  1. 1 0
      profiles/seccomp/default.json
  2. 1 0
      profiles/seccomp/default_linux.go

+ 1 - 0
profiles/seccomp/default.json
Visa fil 

@@ -237,6 +237,7 @@
 
 				"munlock",
 
 				"munlockall",
 
 				"munmap",
 
+				"name_to_handle_at",
 
 				"nanosleep",
 
 				"newfstatat",
 
 				"_newselect",

+ 1 - 0
profiles/seccomp/default_linux.go
Visa fil 

@@ -229,6 +229,7 @@ func DefaultProfile() *Seccomp {
 
 					"munlock",
 
 					"munlockall",
 
 					"munmap",
 
+					"name_to_handle_at",
 
 					"nanosleep",
 
 					"newfstatat",
 
 					"_newselect",

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5