summaryrefslogtreecommitdiffhomepage
path: root/runsc/fsgofer
diff options
context:
space:
mode:
authorRobert Tonic <btonic@users.noreply.github.com>2019-09-24 18:37:25 -0400
committerRobert Tonic <btonic@users.noreply.github.com>2019-09-24 18:37:25 -0400
commit9ebd498a55fa87129cdc60cdc3bca66f26c49454 (patch)
treedb1db52ace9e62f6cc1e5f1792326f95b78e97b2 /runsc/fsgofer
parent7810b30983ec4d3a706df01163c29814cd21d6ca (diff)
Remove unecessary seccomp permission.
This removes the F_DUPFD_CLOEXEC support for the gofer, previously required when depending on the STL net package.
Diffstat (limited to 'runsc/fsgofer')
-rw-r--r--runsc/fsgofer/filter/config.go4
1 files changed, 0 insertions, 4 deletions
diff --git a/runsc/fsgofer/filter/config.go b/runsc/fsgofer/filter/config.go
index 8989cdb2f..a3f104a58 100644
--- a/runsc/fsgofer/filter/config.go
+++ b/runsc/fsgofer/filter/config.go
@@ -83,10 +83,6 @@ var allowedSyscalls = seccomp.SyscallRules{
seccomp.AllowAny{},
seccomp.AllowValue(syscall.F_GETFD),
},
- {
- seccomp.AllowAny{},
- seccomp.AllowValue(syscall.F_DUPFD_CLOEXEC),
- },
},
syscall.SYS_FSTAT: {},
syscall.SYS_FSTATFS: {},