docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove adjtimex. (#6032)

This commit is contained in:
Bryan Thornbury 2018-05-10 09:40:37 -07:00 committed by Gwendolynne Barr
parent 3f4f3d1509
commit f32bbe902d
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
engine/security/seccomp.md
View File

@ -66,7 +66,6 @@ the reason each syscall is blocked rather than white-listed.
|---------------------|---------------------------------------------------------------------------------------------------------------------------------------| |---------------------|---------------------------------------------------------------------------------------------------------------------------------------|
| `acct` | Accounting syscall which could let containers disable their own resource limits or process accounting. Also gated by `CAP_SYS_PACCT`. | | `acct` | Accounting syscall which could let containers disable their own resource limits or process accounting. Also gated by `CAP_SYS_PACCT`. |
| `add_key` | Prevent containers from using the kernel keyring, which is not namespaced. | | `add_key` | Prevent containers from using the kernel keyring, which is not namespaced. |
| `adjtimex` | Similar to `clock_settime` and `settimeofday`, time/date is not namespaced. Also gated by `CAP_SYS_TIME`. |
| `bpf` | Deny loading potentially persistent bpf programs into kernel, already gated by `CAP_SYS_ADMIN`. | | `bpf` | Deny loading potentially persistent bpf programs into kernel, already gated by `CAP_SYS_ADMIN`. |
| `clock_adjtime` | Time/date is not namespaced. Also gated by `CAP_SYS_TIME`. | | `clock_adjtime` | Time/date is not namespaced. Also gated by `CAP_SYS_TIME`. |
| `clock_settime` | Time/date is not namespaced. Also gated by `CAP_SYS_TIME`. | | `clock_settime` | Time/date is not namespaced. Also gated by `CAP_SYS_TIME`. |