2024-10-13 –, 107
Language: English
SECCOMP, short for SECure COMPuting, is a part of Linux kernel that allows restricting, logging or otherwise reacting to systemcalls or systemcall arguments a userspace process can invoke.
The talk offers a brief introduction to SECCOMP API and its history. Further, I will focus on how SECCOMP is currently used (sandboxing) and some of its current limitations. I will also talk about debugging SECCOMP enabled process with Valgrind.
Experti
SUSE Labs / Kernel Core team