Keyword Analysis & Research: seccomp
Keyword Research: People who searched seccomp also searched
Search Results related to seccomp on Search Engine
-
seccomp - Wikipedia
https://en.wikipedia.org/wiki/Seccomp
WEBseccomp (short for secure computing) is a computer security facility in the Linux kernel. seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit(), sigreturn(), …
DA: 23 PA: 64 MOZ Rank: 56
-
seccomp(2) - Linux manual page - man7.org
https://www.man7.org/linux/man-pages/man2/seccomp.2.html
WEBDESCRIPTION top. The seccomp () system call operates on the Secure Computing (seccomp) state of the calling process. Currently, Linux supports the following operation values: SECCOMP_SET_MODE_STRICT The only system calls that the calling thread is permitted to make are read (2), write (2), _exit (2) (but not exit_group (2) ), and sigreturn …
DA: 35 PA: 1 MOZ Rank: 46
-
Seccomp security profiles for Docker | Docker Docs
https://docs.docker.com/engine/security/seccomp/
WEBSecure computing mode ( seccomp) is a Linux kernel feature. You can use it to restrict the actions available within the container. The seccomp() system call operates on the seccomp state of the calling process. You can use …
DA: 97 PA: 19 MOZ Rank: 23
-
Restrict a Container's Syscalls with seccomp | Kubernetes
https://kubernetes.io/docs/tutorials/security/seccomp/
WEBOct 31, 2023 · Seccomp stands for secure computing mode and has been a feature of the Linux kernel since version 2.6.12. It can be used to sandbox the privileges of a process, restricting the calls it is able to make from userspace into the kernel. Kubernetes lets you automatically apply seccomp profiles loaded onto a node to your Pods and containers.
DA: 24 PA: 98 MOZ Rank: 51
-
Seccomp BPF (SECure COMPuting with filters) — The Linux …
https://www.kernel.org/doc/html/latest/userspace-api/seccomp_filter.html
WEBSeccomp filtering provides a means for a process to specify a filter for incoming system calls. The filter is expressed as a Berkeley Packet Filter (BPF) program, as with socket filters, except that the data operated on is related to the system call being made: system call number and the system call arguments.
DA: 96 PA: 25 MOZ Rank: 72
-
Chapter 8. Linux Capabilities and Seccomp - Red Hat Customer …
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_atomic_host/7/html/container_security_guide/linux_capabilities_and_seccomp
WEBSecure Computing Mode (seccomp) is a kernel feature that allows you to filter system calls to the kernel from a container. The combination of restricted and allowed calls are arranged in profiles, and you can pass different profiles to different containers.
DA: 54 PA: 81 MOZ Rank: 76
-
Improving Linux container security with seccomp - Enable Sysadmin
https://www.redhat.com/sysadmin/container-security-seccomp
WEBJun 15, 2020 · At its core, seccomp allows for filtering the syscalls invoked by a process and can thereby be used to restrict which syscalls a given process is allowed to execute. Many software projects, such as Android, Flatpak, Chrome, and Firefox, use seccomp to tighten security further.
DA: 73 PA: 51 MOZ Rank: 26
-
A seccomp overview [LWN.net]
https://lwn.net/Articles/656307/
WEBSep 2, 2015 · By restricting what system calls can be made, seccomp is a key component for building application sandboxes. History. The first version of seccomp was merged in 2005 into Linux 2.6.12. It was enabled by writing a "1" to /proc/PID/seccomp.
DA: 80 PA: 7 MOZ Rank: 25
-
Security/Sandbox/Seccomp - MozillaWiki
https://wiki.mozilla.org/Security/Sandbox/Seccomp
WEBJul 25, 2016 · Seccomp stands for secure computing mode. It's a simple sandboxing tool in the Linux kernel, available since Linux version 2.6.12. When enabling seccomp, the process enters a "secure mode" where a very small number of system calls are available (exit (), read (), write (), sigreturn ()).
DA: 90 PA: 51 MOZ Rank: 80
-
Linux Secure Computing (seccomp) Training Course - man7.org
https://www.man7.org/training/seccomp/index.html
WEBThis course provides a thorough introduction to the Linux secure computing (seccomp) facility, a mechanism that can used to sandbox applications by limiting the set of system calls that they may perform. Seccomp one of the components used in a range of modern applications, including container frameworks, sandboxing technologies, and systemd.
DA: 36 PA: 25 MOZ Rank: 72