为什么在运行docker 1.13.1的系统中找不到runC?

时间:2019-06-20 05:47:30

标签: docker runc

我正在研究docker安全性,现在想对CVE-2019-5736进行一些实验。问题是安全性问题与docker-runc有关,但我在系统上找不到它。在哪里可以找到它,或者为什么在Docker 1.13.1中找不到它?

我尝试查看docker 1.13.1的某些源代码,发现runC安装程序存在。 这是我的码头工人信息:

[root@centos-test sbin]# docker info
Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 21
Server Version: 1.13.1
Storage Driver: overlay2
 Backing Filesystem: xfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: journald
Cgroup Driver: systemd
Plugins: 
 Volume: local
 Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: docker-runc runc
Default Runtime: docker-runc
Init Binary: /usr/libexec/docker/docker-init-current
containerd version:  (expected: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1)
runc version: 9c3c5f853ebf0ffac0d087e94daef462133b69c7 (expected: 9df8b306d01f59d3a8029be411de015b7304dd8f)
init version: fec3683b971d9c3ef73f284f176672c44b448662 (expected: 949e6facb77383876aeff8a6944dde66b3089574)
Security Options:
 seccomp
  WARNING: You're not using the default seccomp profile
  Profile: /etc/docker/seccomp.json
 selinux
Kernel Version: 3.10.0-957.12.2.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 1
Total Memory: 991.2 MiB
Name: centos-test
ID: RH3W:5PH3:6NKG:AVXT:MCUP:FX35:T7HH:TTI7:LZOF:DRBL:DKI2:K3E6
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false
Registries: docker.io (secure)

0 个答案:

没有答案