Overview
Explore the intricacies of syscall supervision in this 35-minute conference talk by Christian Brauner from Canonical. Delve into user namespaces, unprivileged container limitations, and syscall fundamentals. Examine the relationship between syscalls and Seccomp, learn about syscall interception and emulation techniques, and discuss associated challenges. Gain insights into ongoing developments and future prospects in this critical area of Linux system management and security.
Syllabus
S OPEN SOURCE SUMMIT
Outline
User Namespaces
Limitations of Unprivileged Containers
Syscalls - A brief overview
Syscalls & Seccomp
Intercepting Syscalls
Emulating Syscalls
Problems
Ongoing and Future Work
Taught by
Linux Foundation