nextcloud/all-in-one
1
1
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-02-28 15:57:09 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #3377 from nextcloud/enh/noid/drop-net-raw

Browse source
This commit is contained in:
Simon L 2023-09-27 13:06:38 +02:00 committed by GitHub
commit 8e4678fe82
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
php/src/Docker/DockerActionManager.php
View file

@ -476,6 +476,9 @@ class DockerActionManager
$requestBody['HostConfig']['CapAdd'] = $capAdds;
}
// Disable arp spoofing
$requestBody['HostConfig']['CapDrop'] = ['NET_RAW'];
if ($container->isApparmorUnconfined()) {
$requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined"];
}