github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #7755 from cji/patch-1

Browse Source 
Fix process_vm_* syscall names in seccomp
This commit is contained in:
Akihiro Suda 2022-12-05 10:04:08 +09:00 committed by GitHub
commit be4a0d1ee5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
contrib/seccomp/seccomp_default.go
View File

@ -490,8 +490,8 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
if ok { if ok {
s.Syscalls = append(s.Syscalls, specs.LinuxSyscall{ s.Syscalls = append(s.Syscalls, specs.LinuxSyscall{
Names: []string{ Names: []string{
"process_vm_read", "process_vm_readv",
"process_vm_write", "process_vm_writev",
"ptrace", "ptrace",
}, },
Action: specs.ActAllow, Action: specs.ActAllow,