selinux

package
Go to main page

Versions in this module

v1
v1.0.0-rc3
Mar 21, 2017 GO-2021-0085 +11 more
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4097: Container escape with malicious config due to /dev/console mount and related races in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v1.0.0-rc2
Sep 29, 2016 GO-2021-0085 +11 more
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v1.0.0-rc1
Jun 3, 2016 GO-2021-0085 +11 more
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v0
v0.1.1
Apr 25, 2016 GO-2021-0085 +11 more
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v0.1.0
Apr 12, 2016 GO-2021-0085 +11 more
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v0.0.9
Mar 10, 2016 GO-2021-0070 +12 more
Alert  GO-2021-0070: Privilege escalation in github.com/opencontainers/runc
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v0.0.8
Feb 10, 2016 GO-2021-0070 +12 more
Alert  GO-2021-0070: Privilege escalation in github.com/opencontainers/runc
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v0.0.7
Jan 26, 2016 GO-2021-0070 +12 more
Alert  GO-2021-0070: Privilege escalation in github.com/opencontainers/runc
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
Changes in this version
v0.0.6
Dec 11, 2015 GO-2021-0070 +12 more
Alert  GO-2021-0070: Privilege escalation in github.com/opencontainers/runc
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v0.0.5
Nov 20, 2015 GO-2021-0070 +12 more
Alert  GO-2021-0070: Privilege escalation in github.com/opencontainers/runc
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v0.0.4
Sep 11, 2015 GO-2021-0070 +12 more
Alert  GO-2021-0070: Privilege escalation in github.com/opencontainers/runc
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v0.0.3
Aug 4, 2015 GO-2021-0070 +12 more
Alert  GO-2021-0070: Privilege escalation in github.com/opencontainers/runc
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v0.0.2
Jul 17, 2015 GO-2021-0070 +12 more
Alert  GO-2021-0070: Privilege escalation in github.com/opencontainers/runc
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
v0.0.1
Jul 16, 2015 GO-2021-0070 +12 more
Alert  GO-2021-0070: Privilege escalation in github.com/opencontainers/runc
Alert  GO-2021-0085: Authorization bypass in github.com/opencontainers/runc
Alert  GO-2021-0087: Race condition in github.com/opencontainers/runc
Alert  GO-2022-0396: Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Alert  GO-2022-0452: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Alert  GO-2022-0835: Information Exposure in RunC in github.com/opencontainers/runc
Alert  GO-2022-0914: Mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs in github.com/opencontainers/runc
Alert  GO-2023-1682: Rootless: /sys/fs/cgroup is writable when cgroupns isn't unshared in github.com/opencontainers/runc
Alert  GO-2023-1683: AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
Alert  GO-2024-3110: Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Alert  GO-2025-3543: WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc
Alert  GO-2025-4096: Container escape via "masked path" abuse due to mount race conditions in github.com/opencontainers/runc
Alert  GO-2025-4098: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc
Changes in this version
+ const Disabled linux/amd64
+ const Enforcing linux/amd64
+ const Permissive linux/amd64
+ func DisableSecOpt() []string linux/amd64
+ func Getcon() (string, error) linux/amd64
+ func ReserveLabel(scon string) linux/amd64
+ func SelinuxEnabled() bool linux/amd64
+ func SelinuxGetEnforce() int linux/amd64
+ func SetDisabled() linux/amd64

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.