GitList

March 20, 2017
	View 3ab4961 profiles: seccomp: allow clock_settime when CAP_SYS_TIME is added Antonio Murdaca authored on 2017/03/20 19:00:34

March 8, 2017
	View 9067ef0 Seccomp Update Justin Cormack authored on 2017/03/08 07:19:46

February 13, 2017
	View 52d8f58 Allow sync_file_range2 on supported architectures. Gabriel Linder authored on 2017/02/13 21:55:53

January 29, 2017
	View d6adcd6 Add two arm specific syscalls to seccomp profile Justin Cormack authored on 2017/01/29 23:53:15

December 3, 2016
	View 7e3a596 Block obsolete socket families in the default seccomp profile Justin Cormack authored on 2016/12/03 01:41:26

September 7, 2016
	View 91e197d Add engine-api types to docker Michael Crosby authored on 2016/09/07 03:18:12

August 18, 2016
	View 041e5a2 Replace old oci specs import with runtime-specs Michael Crosby authored on 2016/08/18 01:38:34

August 10, 2016
	View c1ca124 Gate name_to_handle_at by CAP_SYS_ADMIN not CAP_DAC_READ_SEARCH Justin Cormack authored on 2016/08/10 20:22:36

July 13, 2016
	View 5ff21ad New seccomp format Antonio Murdaca authored on 2016/07/13 22:41:30

June 16, 2016
	View bdf01cf Move mlock back into the default ungated seccomp profile Justin Cormack authored on 2016/06/16 05:25:27

May 31, 2016
	View bf2a577 Enable seccomp for s390x Michael Holzheu authored on 2016/05/31 22:27:28

May 26, 2016
	View 9ed6e39 Do not restrict chown via seccomp, just let capabilities control access Justin Cormack authored on 2016/05/26 04:49:30

May 24, 2016
	View a83cedd Enable seccomp on ppc64le Justin Cormack authored on 2016/05/24 07:19:19

May 6, 2016
	View a01c4dc Align default seccomp profile with selected capabilities Justin Cormack authored on 2016/05/06 23:17:41

April 22, 2016
	View e7a99ae Remove mlock and vhangup from the default seccomp profile Justin Cormack authored on 2016/04/22 02:23:59