Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore programmable system call security through Seccomp-eBPF implementation in this 28-minute conference talk from DevConf.CZ 2025. Learn how to protect userspace applications from security threats by restricting the approximately 400 system calls exposed by the Linux kernel, each representing a potential vulnerability window for attackers. Discover how Berkeley Packet Filter (BPF) programs can observe system events and report information to userspace tools, while Secure Computing-eBPF provides mechanisms to limit application system calls to the kernel. Master the fundamental concepts of implementing system call filtering based on both system call numbers and their arguments, enabling security policies to precisely define permitted or prohibited system calls with runtime filter decisions. Examine practical implementation techniques for seccomp-eBPF to improve application security, including creating effective filtering rules that maintain functionality and performance. Gain hands-on experience through practical demonstrations, real-world use cases, common pitfalls to avoid, and techniques for balancing security requirements with application needs. Develop comprehensive insights into Linux system security for protecting applications against kernel-level exploits through strategic system call restrictions.
