seccomp — Unsafe at any speed
Summary
The article argues that seccomp-based syscall filtering is inherently fragile and hard to apply correctly: the syscalls a program actually issues change across libc and kernel versions, and its behavior depends on call order and architecture, so an allowlist written against one environment does not carry over to another. It suggests abandoning strict allowlists in favor of higher-level confinement such as OpenBSD's pledge and unveil, or Linux alternatives such as Landlock or unshare, with practical examples and a critical view of their current limitations.
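The libc-drift problem is easy to reproduce. The program below is an added example, not code from the article: it installs a seccomp-bpf filter modelling an allowlist that was written when glibc's open() wrapper issued the open syscall, so openat is not on the list. Instead of killing the process, the filter makes openat fail with EPERM so the effect is observable. On glibc 2.26 and later the open() wrapper calls openat, so a plain open("/dev/null") is denied even though "open" is nominally allowed; a libc that still issues the legacy open syscall is untouched by the same filter. The filter also checks the audit architecture and, on x86_64, rejects x32 syscall numbers, two checks a real allowlist must not skip. It assumes Linux on x86_64 or aarch64 with seccomp filter support; the helper names are this example's own.

```c
/* Added example: a seccomp allowlist that omits openat, and what it does to
 * libc's open(). Assumes Linux on x86_64 or aarch64 with seccomp filtering. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <unistd.h>

#if defined(__x86_64__)
#define HOST_AUDIT_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define HOST_AUDIT_ARCH AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* value for this architecture before building"
#endif

#ifndef SECCOMP_RET_KILL_PROCESS /* kernel headers older than 4.14 */
#define SECCOMP_RET_KILL_PROCESS SECCOMP_RET_KILL
#endif

/* Allow every syscall except openat, which fails with EPERM.
 * Returns 0 on success, -1 if a filter cannot be installed here. */
static int install_filter_without_openat(void)
{
    struct sock_filter filter[] = {
        /* Check the ABI first: matching on the number alone can be bypassed
         * from another ABI whose numbers differ. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, HOST_AUDIT_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
#if defined(__x86_64__)
        /* x32 calls report AUDIT_ARCH_X86_64 but set bit 30 in the number. */
        BPF_JUMP(BPF_JMP | BPF_JGE | BPF_K, 0x40000000, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
#endif
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_openat, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = {
        .len = (unsigned short)(sizeof filter / sizeof filter[0]),
        .filter = filter,
    };
    /* no_new_privs is required before an unprivileged process may filter. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) != 0)
        return -1;
    return 0;
}

/* open() through the libc wrapper: 0 on success, otherwise errno. */
int libc_open_errno(void)
{
    int fd = open("/dev/null", O_RDONLY);
    if (fd < 0)
        return errno;
    close(fd);
    return 0;
}

/* The raw openat syscall, bypassing whatever the wrapper chooses. */
int raw_openat_errno(void)
{
    long fd = syscall(__NR_openat, AT_FDCWD, "/dev/null", O_RDONLY, 0);
    if (fd < 0)
        return errno;
    close((int)fd);
    return 0;
}

/* Install the filter and report what happened to libc's open():
 *   2  filter active and open() denied: this libc routes open() via openat
 *   1  filter active but open() worked: this libc issues the legacy open syscall
 *  -1  the filter could not be installed in this environment
 *  -2  filter active but a raw openat was not denied (filter bug) */
int run_openat_probe(void)
{
    if (install_filter_without_openat() != 0)
        return -1;
    if (raw_openat_errno() != EPERM)
        return -2;
    return libc_open_errno() == EPERM ? 2 : 1;
}

int main(void)
{
    printf("before filter: open() -> errno %d\n", libc_open_errno());
    switch (run_openat_probe()) {
    case 2:  puts("open() denied: libc uses openat, so 'open' on the allowlist was useless"); break;
    case 1:  puts("open() still works: this libc issues the legacy open syscall"); break;
    case -1: puts("could not install a seccomp filter here"); break;
    default: puts("filter did not deny raw openat; check the BPF program"); break;
    }
    return 0;
}
```

Build with `cc -Wall probe.c -o probe` and run it once per libc you ship against; the result differs between glibc and musl on the same kernel, which is the article's point in miniature. A filter that uses SECCOMP_RET_KILL_PROCESS instead of SECCOMP_RET_ERRNO would turn the same mismatch into a crash with no log line.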