|
|
|
|
|
|
by kapilvt
702 days ago
|
|
|
sort of reminds me of https://github.com/google/gvisor, re syscall interception and checking. gvisor had some significant performance impacts for io/syscall heavy workloads, but potentially seccomp/bpf could do better albeit that's mostly filtering/transform on param re more minimal touchpoint. |
|
|