toolshed/docker-cli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
22,689 Commits 3 Branches 295 Tags
f4ae583b7f4d9fde25103fe8351655c895cbcad5
Commit Graph

3 Commits

Author SHA1 Message Date
Justin Cormack
3edfa94729 Add some uses of personality syscall to default seccomp filter 
We generally want to filter the personality(2) syscall, as it
allows disabling ASLR, and turning on some poorly supported
emulations that have been the target of CVEs. However the use
cases for reading the current value, setting the default
PER_LINUX personality, and setting PER_LINUX32 for 32 bit
emulation are fine.

See issue #20634

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: 39b799ac53e2ba397edc3063432d01478416dbc8
Component: engine
 2016-02-26 18:43:08 +01:00
Jessica Frazelle
bea41e64ba generate seccomp profile convert type 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Upstream-commit: ad600239bca1ac89d9684a98d6f7f260959e81d2
Component: engine
 2016-02-19 13:32:54 -08:00
Jessica Frazelle
a45e7dc118 add default seccomp profile as json 
profile is created by go generate

Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Upstream-commit: d57816de0293e18ecfa68ac6e8c288a888912e33
Component: engine
 2016-02-08 08:19:21 -08:00