Merge pull request #22669 from thaJeztah/docs-update-seccomp-whitelist

docs: update seccomp whitelist Upstream-commit: 4c654eeea209b9770071fe190d27976622298cdd Component: engine
2016-05-11 18:59:53 +02:00
parent eb47def058 d537ac63ac
commit db8ad55d48
1 changed files with 0 additions and 1 deletions
--- a/components/engine/docs/security/seccomp.md
+++ b/components/engine/docs/security/seccomp.md
@ -99,7 +99,6 @@ the reason each syscall is blocked rather than white-listed.
 | `keyctl`            | Prevent containers from using the kernel keyring, which is not namespaced.                                   |
 | `lookup_dcookie`    | Tracing/profiling syscall, which could leak a lot of information on the host.                                |
 | `mbind`             | Syscall that modifies kernel memory and NUMA settings. Already gated by `CAP_SYS_NICE`.                      |
-| `modify_ldt`        | Old syscall only used in 16-bit code and a potential information leak.                                       |
 | `mount`             | Deny mounting, already gated by `CAP_SYS_ADMIN`.                                                             |
 | `move_pages`        | Syscall that modifies kernel memory and NUMA settings.                                                       |
 | `name_to_handle_at` | Sister syscall to `open_by_handle_at`. Already gated by `CAP_SYS_NICE`.                                      |