This is a sandboxed PDF viewer for Linux. It transforms PDF into SVG (serialized in JSON).
-
Updated
Mar 7, 2013 - C
This is a sandboxed PDF viewer for Linux. It transforms PDF into SVG (serialized in JSON).
Start Linux programs with only selected syscalls enabled (libseccomp-based)
Gradm with added support to control system call filters and network, IPC and UTS namespaces. Currently supports x86-64 only. See also https://github.com/dderby/linux-4.4.6
Grsecurity patched Linux, further modified to "containerise" processes automatically. RBAC system has been enhanced to support control of system call filters and namespaces. Currently supports network, IPC and UTS namespaces as well as seccomp filters. Currently x86-64 only. See also https://github.com/dderby/gradm
My 'Advanced container deep-dive workshop at DevConf Container Roadshow 2017.
Automated Seccomp policy generation for docker images
xinetd-kafel is a more secure replacement for xinetd with secure computing (seccomp, only work on linux)
A Falco based project that help me/you to add a better understanding of security in docker and Linux capabilities
BPF Processor for IDA Python
Experiments with unshare
[WIP] Testing Seccomp profile with Docker.
π π³ For DevOps Engineers π³ π
Add a description, image, and links to the seccomp topic page so that developers can more easily learn about it.
To associate your repository with the seccomp topic, visit your repo's landing page and select "manage topics."