kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Add ipc syscall to default seccomp profile

Browse source 
On 32 bit x86 this is a multiplexing syscall for the system V
ipc syscalls such as shmget, and so needs to be allowed for
shared memory access for 32 bit binaries.

Fixes #20733

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
(cherry picked from commit 31410a6d79)
This commit is contained in:
Justin Cormack 2016-03-05 22:10:12 +00:00 committed by Tibor Vass
parent 516ef83f30
commit eceeae4d7c
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
daemon/execdriver/native/seccomp_default.go
View file

@ -624,6 +624,11 @@ var defaultSeccompProfile = &configs.Seccomp{
Action: configs.Allow,
Args: []*configs.Arg{},
},
{
Name: "ipc",
Action: configs.Allow,
Args: []*configs.Arg{},
},
{
Name: "kill",
Action: configs.Allow,