kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity
moby--moby/contrib
History
Justin Cormack dcf2632945 Revert "Block obsolete socket families in the default seccomp profile" 
This reverts commit 7e3a596a63.

Unfortunately, it was pointed out in https://github.com/moby/moby/pull/29076#commitcomment-21831387
that the `socketcall` syscall takes a pointer to a struct so it is not possible to
use seccomp profiles to filter it. This means these cannot be blocked as you can
use `socketcall` to call them regardless, as we currently allow 32 bit syscalls.

Users who wish to block these should use a seccomp profile that blocks all
32 bit syscalls and then just block the non socketcall versions.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-05-09 14:26:00 +01:00
..
apparmor
builder Remove Ubuntu 12.04 "precise pangolin" from build scripts 2017-04-11 14:08:39 +02:00
completion bash completion for stack deploy --prune 2017-05-08 10:14:15 +02:00
desktop-integration
docker-device-tool
gitdm Update gitdm domain-map 2017-04-10 14:28:27 -07:00
httpserver
init contrib/init/openrc: allow separate logs for stdout and stderr 2017-02-23 17:07:26 -06:00
mkimage
nnp-test
reprepro Convert script shebangs from "#!/bin/bash" to "#!/usr/bin/env bash" 2017-02-13 11:01:54 -08:00
selinux/docker-engine-selinux Fix conflicts with newly updated selinux policies 2017-01-06 16:04:24 -05:00
selinux-fedora-24/docker-engine-selinux
selinux-oraclelinux-7/docker-engine-selinux Update oracle linux selinux to match docker upstream 2017-03-24 12:17:39 -07:00
syntax
syscall-test Revert "Block obsolete socket families in the default seccomp profile" 2017-05-09 14:26:00 +01:00
udev
vagrant-docker Merge pull request #29697 from yuexiao-wang/fix-docker-daemon 2017-01-04 11:55:38 +01:00
check-config.sh Merge pull request #28634 from ghostplant/check_cfg_memsw 2017-01-27 10:49:32 +01:00
docker-machine-install-bundle.sh Convert script shebangs from "#!/bin/bash" to "#!/usr/bin/env bash" 2017-02-13 11:01:54 -08:00
dockerize-disk.sh
download-frozen-image-v1.sh Convert script shebangs from "#!/bin/bash" to "#!/usr/bin/env bash" 2017-02-13 11:01:54 -08:00
download-frozen-image-v2.sh Convert script shebangs from "#!/bin/bash" to "#!/usr/bin/env bash" 2017-02-13 11:01:54 -08:00
editorconfig
mac-install-bundle.sh
mkimage-alpine.sh
mkimage-arch-pacman.conf
mkimage-arch.sh
mkimage-archarm-pacman.conf
mkimage-busybox.sh
mkimage-crux.sh
mkimage-debootstrap.sh
mkimage-pld.sh
mkimage-rinse.sh
mkimage-yum.sh
mkimage.sh
nuke-graph-directory.sh Convert script shebangs from "#!/bin/bash" to "#!/usr/bin/env bash" 2017-02-13 11:01:54 -08:00
project-stats.sh
README.md
report-issue.sh
REVIEWERS

README.md

The contrib directory contains scripts, images, and other helpful things which are not part of the core docker distribution. Please note that they could be out of date, since they do not receive the same attention as the rest of the repository.