firecracker-containerd icon indicating copy to clipboard operation
firecracker-containerd copied to clipboard

Published 20 hours ago verified publisher icon firecracker-microvm

Runtime SeccompProfilePath

Open xibz opened this issue 6 years ago • 0 comments

  • [ ] runtime should not block setting host name with unconfined seccomp and SYS_ADMIN
  • [ ] should support seccomp unconfined on the container
  • [ ] should support seccomp default which is unconfined on the container
  • [ ] runtime should support setting hostname with docker/default seccomp profile and SYS_ADMIN
  • [ ] runtime should support an seccomp profile that blocks setting hostname with SYS_ADMIN
  • [ ] runtime should block sethostname with docker/default seccomp profile and no extra caps
  • [ ] should support seccomp localhost/profile on the container
  • [ ] runtime should not support a custom seccomp profile without using localhost/ as a prefix
  • [ ] runtime should ignore a seccomp profile that blocks setting hostname when privileged
  • [ ] should support seccomp docker/default on the container

xibz avatar Feb 07 '19 19:02 xibz