moby/profiles
Justin Cormack e7a99ae5e1 Remove mlock and vhangup from the default seccomp profile
These syscalls are already blocked by the default capabilities:
mlock mlock2 mlockall require CAP_IPC_LOCK
vhangup requires CAP_SYS_TTY_CONFIG

There is therefore no reason to allow them in the default profile
as they cannot be used anyway.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-04-21 18:23:59 +01:00
..
apparmor profiles: apparmor: actually calculate version 2016-03-20 19:03:19 +11:00
seccomp Remove mlock and vhangup from the default seccomp profile 2016-04-21 18:23:59 +01:00