Need to block access to kernel file systems in /proc and /sys - containers/podman.git - forked from: https://github.com/containers/podman.git

diff options

author	Daniel J Walsh <dwalsh@redhat.com>	2017-11-22 09:54:22 -0500
committer	Atomic Bot <atomic-devel@projectatomic.io>	2017-11-22 15:49:56 +0000
commit	91b406ea4a175a7b996f8810e1eb2f2653ff335d (patch)
tree	51da98455b9f3ba5bf3191694a069e687ce3a06b /seccomp.json
parent	768fb6fe0f59467442a1aaaa4ca863d179255020 (diff)
download	podman-91b406ea4a175a7b996f8810e1eb2f2653ff335d.tar.gz podman-91b406ea4a175a7b996f8810e1eb2f2653ff335d.tar.bz2 podman-91b406ea4a175a7b996f8810e1eb2f2653ff335d.zip

Need to block access to kernel file systems in /proc and /sys

Users of kpod run could use these file systems to perform a breakout or to learn valuable system information. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #61 Approved by: mheon

Diffstat (limited to 'seccomp.json')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: