Brussels / 3 & 4 February 2018

schedule

Forwarding system calls to userspace

Using Seccomp to intercept system calls and forwarding them to a handler in userspace


In this talk, I will describe SECCOMPUSERNOTIF, a new seccomp return type under development to forward syscalls to another userspace daemon. This would allow container engines to transparently hook syscalls like mount or modprobe, enabling applications inside containers to use these syscalls without modification.

Speakers

Tycho Andersen

Links