POC no setuid, setgid caps
Signed-off-by: Jess Frazelle <jess@mesosphere.com>
This commit is contained in:
Jess Frazelle
parent
69cba73cf6
commit
2b527491fe
10 changed files with 156 additions and 171 deletions
2
vendor/github.com/opencontainers/runc/libcontainer/setgroups_linux.go
generated
vendored
2
vendor/github.com/opencontainers/runc/libcontainer/setgroups_linux.go
generated
vendored
|
|
@ -7,5 +7,5 @@ import "syscall"
|
|||
// Set the GidMappingsEnableSetgroups member to true, so the process's
|
||||
// setgroups proc entry wont be set to 'deny' if GidMappings are set
|
||||
func enableSetgroups(sys *syscall.SysProcAttr) {
|
||||
sys.GidMappingsEnableSetgroups = true
|
||||
sys.GidMappingsEnableSetgroups = false
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue