AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Explore the technical challenges and proposed solutions for implementing multiple seccomp listeners in nested container environments in this 27-minute conference talk from the Linux Plumbers Conference. Learn about the current limitations of seccomp listeners, which are restricted to a single listener per process, and understand how this constraint creates problems in nested container scenarios where multiple container runtimes need to intercept different system calls simultaneously. Discover the workarounds currently employed by container runtimes like LXC, which often disable seccomp listeners when detecting confinement, and examine the speaker's proposed approaches for supporting multiple or nested listeners. Gain insights into user-space API design considerations and their kernel-level implications, while reviewing the technical details of a submitted kernel patchset that addresses these challenges for improved container security and functionality.
![CNCF [Cloud Native Computing Foundation]](https://www.classcentral.com/cdn-cgi/image/height=40,format=auto,quality=85/images/logos/institutions/cncf-cloud-native-computing-foundation-hz.png){kind=small}
