Skip to main content

sandbox_seccomp/
lib.rs

1//! sandbox-seccomp: Seccomp BPF syscall filtering (no root required)
2//!
3//! This crate provides seccomp-based syscall filtering using BPF programs.
4//! Seccomp does NOT require root - it only needs `PR_SET_NO_NEW_PRIVS`.
5
6pub mod bpf;
7pub mod profile;
8pub mod syscall_table;
9
10pub use bpf::SeccompBpf;
11pub use profile::{SeccompFilter, SeccompProfile};