LinuxDays 2024

Linux's SECCOMP, its usecases and problems
10-13, 11:00–11:50 (Europe/Prague), 107
Language: English

SECCOMP, short for SECure COMPuting, is a part of Linux kernel that allows restricting, logging or otherwise reacting to systemcalls or systemcall arguments a userspace process can invoke.


The talk offers a brief introduction to SECCOMP API and its history. Further, I will focus on how SECCOMP is currently used (sandboxing) and some of its current limitations. I will also talk about debugging SECCOMP enabled process with Valgrind.


Difficulty

Experti

SUSE Labs / Kernel Core team