docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #22230 from justincormack/seccomp_dropcalls 

Remove mlock and vhangup from the default seccomp profile
This commit is contained in:
Alexander Morozov 2016-04-25 11:27:42 -07:00
parent 17d5c97c90 e7a99ae5e1
commit 48f25161be
2 changed files with 0 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
profiles/seccomp/default.json
View File

@ -713,21 +713,6 @@
"action": "SCMP_ACT_ALLOW", "action": "SCMP_ACT_ALLOW",
"args": [] "args": []
}, },
{
"name": "mlock",
"action": "SCMP_ACT_ALLOW",
"args": []
},
{
"name": "mlock2",
"action": "SCMP_ACT_ALLOW",
"args": []
},
{
"name": "mlockall",
"action": "SCMP_ACT_ALLOW",
"args": []
},
{ {
"name": "mmap", "name": "mmap",
"action": "SCMP_ACT_ALLOW", "action": "SCMP_ACT_ALLOW",
@ -1564,11 +1549,6 @@
"action": "SCMP_ACT_ALLOW", "action": "SCMP_ACT_ALLOW",
"args": [] "args": []
}, },
{
"name": "vhangup",
"action": "SCMP_ACT_ALLOW",
"args": []
},
{ {
"name": "vmsplice", "name": "vmsplice",
"action": "SCMP_ACT_ALLOW", "action": "SCMP_ACT_ALLOW",

20
profiles/seccomp/seccomp_default.go
View File

@ -745,21 +745,6 @@ var DefaultProfile = &types.Seccomp{
Action: types.ActAllow, Action: types.ActAllow,
Args: []*types.Arg{}, Args: []*types.Arg{},
}, },
{
Name: "mlock",
Action: types.ActAllow,
Args: []*types.Arg{},
},
{
Name: "mlock2",
Action: types.ActAllow,
Args: []*types.Arg{},
},
{
Name: "mlockall",
Action: types.ActAllow,
Args: []*types.Arg{},
},
{ {
Name: "mmap", Name: "mmap",
Action: types.ActAllow, Action: types.ActAllow,
@ -1593,11 +1578,6 @@ var DefaultProfile = &types.Seccomp{
Action: types.ActAllow, Action: types.ActAllow,
Args: []*types.Arg{}, Args: []*types.Arg{},
}, },
{
Name: "vhangup",
Action: types.ActAllow,
Args: []*types.Arg{},
},
{ {
Name: "vmsplice", Name: "vmsplice",
Action: types.ActAllow, Action: types.ActAllow,