seccomp - Definição do Glossário de CI/CD
O seccomp (secure computing mode) restringe o conjunto de syscalls que um processo pode invocar por meio de um filtro de kernel, reduzindo a superfície de ataque de um container; os container runtimes trazem profiles seccomp padrão.
Guias relacionados
Linux Capabilities - CI/CD Glossary DefinitionLinux capabilities split root’s all-or-nothing power into discrete privileges, so a container can be granted…
Rootless Containers - CI/CD Glossary DefinitionRootless containers run the runtime and workload as an unprivileged user via user namespaces, so a container…
containerd - CI/CD Glossary Definitioncontainerd is the standard container runtime that handles image transfer, storage, and execution, used under…