From ef438532f1ab7986e3c4cae906bbecd186ceb8a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=A4=8F=E4=B8=8D=E7=99=BD?= <xiacong4@huawei.com>
Date: Wed, 3 Aug 2022 04:34:58 +0000
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=88=86=E5=B8=83=E5=BC=8F?=
 =?UTF-8?q?=E8=AE=A1=E7=AE=97=E5=99=A8=E9=93=BE=E6=8E=A5=E4=B8=8D=E4=B8=8A?=
 =?UTF-8?q?=E7=9A=84=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../modules/seccomp/seccomp_policy/spawn_arm.seccomp.policy   | 4 ++--
 .../modules/seccomp/seccomp_policy/spawn_arm64.seccomp.policy | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/services/modules/seccomp/seccomp_policy/spawn_arm.seccomp.policy b/services/modules/seccomp/seccomp_policy/spawn_arm.seccomp.policy
index 1d3be644..60ea788e 100644
--- a/services/modules/seccomp/seccomp_policy/spawn_arm.seccomp.policy
+++ b/services/modules/seccomp/seccomp_policy/spawn_arm.seccomp.policy
@@ -24,5 +24,5 @@ ONLY_CHECK_ARGS
 "seccomp_filters.h"
 
 @allowListWithArgs
-setresuid32: if arg0 >= 10000 && arg1 >= 10000 && arg2 >= 10000
-setresgid32: if arg0 >= 10000 && arg1 >= 10000 && arg2 >= 10000
\ No newline at end of file
+setresuid32: if arg0 >= 1000 && arg1 >= 1000 && arg2 >= 1000
+setresgid32: if arg0 >= 1000 && arg1 >= 1000 && arg2 >= 1000
\ No newline at end of file
diff --git a/services/modules/seccomp/seccomp_policy/spawn_arm64.seccomp.policy b/services/modules/seccomp/seccomp_policy/spawn_arm64.seccomp.policy
index f1a51bef..32d1ff64 100644
--- a/services/modules/seccomp/seccomp_policy/spawn_arm64.seccomp.policy
+++ b/services/modules/seccomp/seccomp_policy/spawn_arm64.seccomp.policy
@@ -23,5 +23,5 @@ ONLY_CHECK_ARGS
 "seccomp_filters.h"
 
 @allowListWithArgs
-setresuid: if arg0 >= 10000 && arg1 >= 10000 && arg2 >= 10000
-setresgid: if arg0 >= 10000 && arg1 >= 10000 && arg2 >= 10000
\ No newline at end of file
+setresuid: if arg0 >= 1000 && arg1 >= 1000 && arg2 >= 1000
+setresgid: if arg0 >= 1000 && arg1 >= 1000 && arg2 >= 1000
\ No newline at end of file
-- 
Gitee