github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request from GHSA-7ww5-4wqc-m92c

Browse Source 
[main] deny /sys/devices/virtual/powercap
This commit is contained in:
Derek McGowan
2023-12-08 11:35:49 -08:00
committed by GitHub
parent 4a6a5af8d0 6c6dfcbce2
commit 9e4d53df75
2 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
oci/spec.go
View File

@@ -196,6 +196,7 @@ func populateDefaultUnixSpec(ctx context.Context, s *Spec, id string) error {
"/proc/timer_stats",
"/proc/sched_debug",
"/sys/firmware",
"/sys/devices/virtual/powercap",
"/proc/scsi",
},
ReadonlyPaths: []string{