From 8b42adeddcf6a5fe9114d45e34bf11d19f8e879f Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Fri, 6 Jul 2018 18:34:08 +0200
Subject: [PATCH] Add /proc/acpi to masked paths

relates to CVE-2018-10892

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 oci/spec_unix.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/oci/spec_unix.go b/oci/spec_unix.go
index f791c357f..433e4735a 100644
--- a/oci/spec_unix.go
+++ b/oci/spec_unix.go
@@ -153,6 +153,7 @@ func createDefaultSpec(ctx context.Context, id string) (*Spec, error) {
 		},
 		Linux: &specs.Linux{
 			MaskedPaths: []string{
+				"/proc/acpi",
 				"/proc/kcore",
 				"/proc/latency_stats",
 				"/proc/timer_list",