github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

seccomp: whitelist statx syscall

Browse Source 
This whitelists the statx syscall; libseccomp-2.3.3 or up
is needed for this, older seccomp versions will ignore this.

Equivalent of https://github.com/moby/moby/pull/36417

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2019-03-20 11:52:26 +01:00
parent 9ab4c8cbcc
commit 8f8fd3c3a8
No known key found for this signature in database
GPG Key ID: 76698F39D527CE8C
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
contrib/seccomp/seccomp_default.go
View File

@ -320,6 +320,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
"stat64",
"statfs",
"statfs64",
"statx",
"symlink",
"symlinkat",
"sync",