summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/kernel/README.md
diff options
context:
space:
mode:
authorFabricio Voznika <fvoznika@google.com>2019-10-01 11:48:24 -0700
committergVisor bot <gvisor-bot@google.com>2019-10-01 11:49:49 -0700
commit0b02c3d5e5bae87f5cdbf4ae20dad8344bef32c2 (patch)
treea5c60e3e55bbfc6807eabd8a219318d6446d9cd4 /pkg/sentry/kernel/README.md
parent53cc72da90f5b5a76b024b47fe4e38a81b495eb4 (diff)
Prevent CAP_NET_RAW from appearing in exec
'docker exec' was getting CAP_NET_RAW even when --net-raw=false because it was not filtered out from when copying container's capabilities. PiperOrigin-RevId: 272260451
Diffstat (limited to 'pkg/sentry/kernel/README.md')
0 files changed, 0 insertions, 0 deletions