LinuxDays 2024

Your locale preferences have been saved. We like to think that we have excellent support for English in pretalx, but if you encounter issues or errors, please contact us!

Linux's SECCOMP, its usecases and problems
2024-10-13 , 107
Language: English

SECCOMP, short for SECure COMPuting, is a part of Linux kernel that allows restricting, logging or otherwise reacting to systemcalls or systemcall arguments a userspace process can invoke.


The talk offers a brief introduction to SECCOMP API and its history. Further, I will focus on how SECCOMP is currently used (sandboxing) and some of its current limitations. I will also talk about debugging SECCOMP enabled process with Valgrind.


Difficulty

Experti

SUSE Labs / Kernel Core team