Skip to content

Commit 03bd00b

Browse files
dimsdims
committed
Adding /proc/timer_list to the masked paths list
/proc/timer_list seems to leak information about the host. Here is an example from a busybox container running on docker+kubernetes. # cat /proc/timer_list | grep -i -e kube <ffff8800b8cc3db0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kubelet/2497 <ffff880129ac3db0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kube-proxy/3478 <ffff8800b1b77db0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kube-proxy/3470 <ffff8800bb6abdb0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kubelet/2499 Signed-Off-By: Davanum Srinivas <[email protected]> Signed-off-by: Davanum Srinivas <[email protected]>
1 parent faaab62 commit 03bd00b

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

oci/defaults_linux.go

+1
Original file line numberDiff line numberDiff line change
@@ -81,6 +81,7 @@ func DefaultSpec() specs.Spec {
8181
MaskedPaths: []string{
8282
"/proc/kcore",
8383
"/proc/latency_stats",
84+
"/proc/timer_list",
8485
"/proc/timer_stats",
8586
"/proc/sched_debug",
8687
},

0 commit comments

Comments
 (0)