Affected by GO-2022-0396 and 5 other vulnerabilities

GO-2022-0396: devices resource list treated as a blacklist by default in github.com/opencontainers/runc

GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc

GO-2022-0914: mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc

GO-2023-1682: rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc in github.com/opencontainers/runc

GO-2023-1683: runc AppArmor bypass with symlinked /proc in github.com/opencontainers/runc

GO-2024-3110: runc can be confused to create empty files/directories on the host in github.com/opencontainers/runc

keys

package

v1.0.0-rc6 Latest Latest Go to latest Published: Nov 21, 2018 License: Apache-2.0 Imports: 4 Imported by: 77

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/opencontainers/runc

Documentation ¶

Index ¶

func ModKeyringPerm(ringId KeySerial, mask, setbits uint32) error
type KeySerial
- func JoinSessionKeyring(name string) (KeySerial, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ModKeyringPerm ¶

func ModKeyringPerm(ringId KeySerial, mask, setbits uint32) error

ModKeyringPerm modifies permissions on a keyring by reading the current permissions, anding the bits with the given mask (clearing permissions) and setting additional permission bits

Types ¶

type KeySerial ¶

type KeySerial uint32

func JoinSessionKeyring ¶

func JoinSessionKeyring(name string) (KeySerial, error)

Source Files ¶

View all Source files

keyctl.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL