Justin Cormack c726c9026e Block additional ptrace related syscalls in default seccomp profile ...

Block kcmp, procees_vm_readv, process_vm_writev.
All these require CAP_PTRACE, and are only used for ptrace related
actions, so are not useful as we block ptrace.

Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
Upstream-commit: a0a8ca0ae0bc9dc7faa0b8bacf4ca376c7257348
Component: engine

2015-12-29 18:17:28 +00:00

..

execdrivers

daemon: remove sysInitPath, lxc leftover

2015-11-30 10:04:13 +01:00

native

Block additional ptrace related syscalls in default seccomp profile

2015-12-29 18:17:28 +00:00

windows

Implemet docker update command

2015-12-28 19:19:26 +08:00

driver_unix.go

Remove package pkg/ulimit, use go-units instead.

2015-12-23 13:27:58 -05:00

driver_windows.go

Move Config and HostConfig from runconfig to types/container.

2015-12-22 13:34:30 -05:00

driver.go

Implemet docker update command

2015-12-28 19:19:26 +08:00

pipes.go

Fix golint warnings for daemon/execdriver/*

2015-07-28 08:43:22 +08:00

termconsole.go

Add user namespace (mapping) support to the Docker engine

2015-10-09 17:47:37 -04:00

utils_unix.go

Don't build utils on Windows

2015-11-07 08:46:36 -08:00