From 0f831093ce6ed28a9bb21f839d3f369ca6be9113 Mon Sep 17 00:00:00 2001 From: Michael Crosby Date: Mon, 8 Jun 2020 12:47:25 -0500 Subject: [PATCH] Update usage of whitelist in project Signed-off-by: Michael Crosby --- SCOPE.md | 2 +- contrib/seccomp/seccomp_default.go | 2 +- contrib/seccomp/seccomp_default_unsupported.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/SCOPE.md b/SCOPE.md index aac7a19d0..aec9da915 100644 --- a/SCOPE.md +++ b/SCOPE.md @@ -52,6 +52,6 @@ containerd is designed to be embedded into a larger system, hence it only includ ### How is the scope changed? -The scope of this project is a whitelist. +The scope of this project is an allowed list. If it's not mentioned as being in scope, it is out of scope. For the scope of this project to change it requires a 100% vote from all maintainers of the project. diff --git a/contrib/seccomp/seccomp_default.go b/contrib/seccomp/seccomp_default.go index aa1a80799..dfaf408ec 100644 --- a/contrib/seccomp/seccomp_default.go +++ b/contrib/seccomp/seccomp_default.go @@ -47,7 +47,7 @@ func arches() []specs.Arch { } } -// DefaultProfile defines the whitelist for the default seccomp profile. +// DefaultProfile defines the allowed syscalls for the default seccomp profile. func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp { syscalls := []specs.LinuxSyscall{ { diff --git a/contrib/seccomp/seccomp_default_unsupported.go b/contrib/seccomp/seccomp_default_unsupported.go index 14d7b75e1..6d7051058 100644 --- a/contrib/seccomp/seccomp_default_unsupported.go +++ b/contrib/seccomp/seccomp_default_unsupported.go @@ -20,7 +20,7 @@ package seccomp import specs "github.com/opencontainers/runtime-spec/specs-go" -// DefaultProfile defines the whitelist for the default seccomp profile. +// DefaultProfile defines the allowed syscalls for the default seccomp profile. func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp { return &specs.LinuxSeccomp{} }