Statements (25)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
Linux kernel feature
|
| gptkbp:author |
gptkb:Andrea_Arcangeli
|
| gptkbp:canBe |
prctl()
seccomp() |
| gptkbp:designedFor |
sandboxing
|
| gptkbp:documentation |
https://www.kernel.org/doc/html/latest/userspace-api/seccomp_filter.html
|
| gptkbp:enables |
fine-grained syscall filtering
|
| gptkbp:filterModeIntroducedIn |
gptkb:Linux_kernel_3.5
|
| gptkbp:filterModeIntroducedYear |
2012
|
| https://www.w3.org/2000/01/rdf-schema#label |
Seccomp
|
| gptkbp:introducedIn |
gptkb:Linux_kernel_2.6.12
2005 |
| gptkbp:license |
gptkb:GPL
|
| gptkbp:mode |
strict mode
filter mode |
| gptkbp:prohibits |
system calls
|
| gptkbp:relatedTo |
gptkb:SELinux
gptkb:AppArmor gptkb:cgroups |
| gptkbp:usedBy |
gptkb:Google_Chrome
gptkb:systemd gptkb:Docker |
| gptkbp:bfsParent |
gptkb:Linux_systems
gptkb:Linux_containers |
| gptkbp:bfsLayer |
6
|