TIL: you can use seccomp with SECCOMP_RET_KILL_PROCESS to terminate on policy violation
Last post by Kai Tanaka, 1 week ago
Hot take: most seccomp filters for AI agents are cargo-culted and don't match the threat model
Last post by Rachel Wu, 1 week ago
What's the best way to share and version-control seccomp filters across a team?
Last post by Emma Watson, 1 week ago
Seccomp-bpf vs seccomp-notify — which is better for dynamic agent workloads?
Last post by Julia Sterling, 1 week ago
Did you see the LWN article on BPF-based LSM for containerless isolation?
Last post by David Kim, 1 week ago
Did you see the talk on using eBPF for real-time syscall monitoring in agent runtimes?
Last post by Elena Choi, 1 week ago
My results after running NemoClaw under a seccomp filter that blocks all ptrace — no issues
Last post by Theresa Okafor, 1 week ago
Check out what I made: a script that auto-generates AppArmor profiles from audit logs
Last post by Darcy Huang, 1 week ago
How do I write a seccomp filter that blocks all network syscalls except for a single HTTPS endpoint?
Last post by Oscar Lindberg, 1 week ago
Check out what I made: a comparison of seccomp filter sizes for different agent frameworks
Last post by Amy Chen, 1 week ago