From b4c14a0bb846343c6d6d5dde6d9259c2c62a0b1e Mon Sep 17 00:00:00 2001
From: Jessica Frazelle <acidburn@docker.com>
Date: Mon, 28 Dec 2015 21:55:43 -0800
Subject: [PATCH] fix code comment

Signed-off-by: Jessica Frazelle <acidburn@docker.com>
---
 daemon/execdriver/native/seccomp_default.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/daemon/execdriver/native/seccomp_default.go b/daemon/execdriver/native/seccomp_default.go
index dbd00312a3..1075a0b315 100644
--- a/daemon/execdriver/native/seccomp_default.go
+++ b/daemon/execdriver/native/seccomp_default.go
@@ -235,7 +235,8 @@ var defaultSeccompProfile = &configs.Seccomp{
 			Args:   []*configs.Arg{},
 		},
 		{
-			// Probably a bad idea to let containers restart
+			// Probably a bad idea to let containers restart a syscall.
+			// Possible seccomp bypass, see: https://code.google.com/p/chromium/issues/detail?id=408827.
 			Name:   "restart_syscall",
 			Action: configs.Errno,
 			Args:   []*configs.Arg{},