github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Fix process_vm_* syscall names in seccomp

Browse Source 
Signed-off-by: Craig Ingram <cjingram@google.com>
This commit is contained in:
Craig Ingram 2022-12-02 15:27:10 -05:00 committed by GitHub
parent c0a89fbbdd
commit afa19a0a78
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
contrib/seccomp/seccomp_default.go
View File

@ -490,8 +490,8 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
if ok { if ok {
s.Syscalls = append(s.Syscalls, specs.LinuxSyscall{ s.Syscalls = append(s.Syscalls, specs.LinuxSyscall{
Names: []string{ Names: []string{
"process_vm_read", "process_vm_readv",
"process_vm_write", "process_vm_writev",
"ptrace", "ptrace",
}, },
Action: specs.ActAllow, Action: specs.ActAllow,