Affected by GO-2022-0390 and 3 other vulnerabilities

GO-2022-0390: Moby (Docker Engine) started with non-empty inheritable Linux process capabilities in github.com/docker/docker

GO-2024-2914: Moby (Docker Engine) is vulnerable to Ambiguous OCI manifest parsing in github.com/docker/docker

GO-2024-3304: Moby Race Condition vulnerability in github.com/moby/moby

GO-2024-3305: Moby Race Condition vulnerability in github.com/moby/moby

restrict

package

v0.11.0 Latest Latest Go to latest Published: May 7, 2014 License: Apache-2.0 Imports: 3 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/moby/moby

Links

Open Source Insights

Documentation ¶

Rendered for

Index ¶

func Restrict(mounts ...string) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Restrict ¶

func Restrict(mounts ...string) error

This has to be called while the container still has CAP_SYS_ADMIN (to be able to perform mounts). However, afterwards, CAP_SYS_ADMIN should be dropped (otherwise the user will be able to revert those changes).

Types ¶

This section is empty.

Source Files ¶

View all Source files

restrict.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL