Mascali/piston
1
0
Fork 0
mirror of https://github.com/engineer-man/piston.git synced 2025-05-06 11:56:26 +02:00
Code Issues Projects Releases Wiki Activity

v3 - Remove the use of unshare + privileged mode and instead

Browse source 
use seccomp to filter for socket syscalls
This commit is contained in:
Victor Frazao 2021-03-30 18:21:40 -04:00
parent 01bc13d115
commit 0778cdb1cc
8 changed files with 76 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
repo/Dockerfile
View file

@ -1,5 +1,5 @@
FROM debian:buster-slim
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && apt-get install -y unzip autoconf build-essential libssl-dev pkg-config zlib1g-dev libargon2-dev libsodium-dev libcurl4-openssl-dev sqlite3 libsqlite3-dev libonig-dev libxml2 libxml2-dev bc curl git linux-headers-amd64 perl xz-utils python3 python3-pip gnupg jq zlib1g-dev cmake cmake-doc extra-cmake-modules build-essential gcc binutils bash coreutils util-linux pciutils usbutils coreutils binutils findutils grep libncurses5-dev libncursesw5-dev python3-pip libgmp-dev libmpfr-dev python2 && \
ln -sf /bin/bash /bin/sh && \
rm -rf /var/lib/apt/lists/* && \