Secure Computing Mode, also known as Seccomp, is a Linux kernel security feature that helps run Docker in a more secure environment.

It works like a sandbox: it acts as a firewall for syscalls and lets you restrict the actions that Docker containers can request from the host's Linux kernel.

In this guide, you will learn how to run a container with and without the Seccomp profile.

Prerequisites

To get started with this guide, you need the following:

  • A Linux host with sudo privileges.
  • Seccomp enabled in the Linux kernel.
  • The latest version of Docker.

To verify that your host's kernel supports Seccomp, run the following command in your host's terminal:

Shell

$ grep SECCOMP /boot/config-$(uname -r) 
CONFIG_HAVE_ARCH_SECCOMP_FILTER=y 
CONFIG_SECCOMP_FILTER=y 
CONFIG_SECCOMP=y 
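
The grep above assumes the kernel config is under /boot and matches any line containing SECCOMP. The script below is an added example, not part of the original guide: it runs the same check with anchored matches and falls back to /proc/config.gz, which some kernels expose instead. The function names and sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm the seccomp options shown in the grep output above.

# Reads kernel config text on stdin; returns 0 only if both options are =y.
seccomp_check_config() {
    cfg=$(cat)
    for opt in CONFIG_SECCOMP CONFIG_SECCOMP_FILTER; do
        # Anchored match: "# CONFIG_SECCOMP is not set" and
        # CONFIG_SECCOMP_FILTER=y must not satisfy a check for CONFIG_SECCOMP.
        if ! printf '%s\n' "$cfg" | grep -q "^${opt}=y\$"; then
            echo "missing: ${opt}=y" >&2
            return 1
        fi
    done
    return 0
}

# Prints the running kernel's config from the first readable source.
kernel_config() {
    if [ -r "/boot/config-$(uname -r)" ]; then
        cat "/boot/config-$(uname -r)"
    elif [ -r /proc/config.gz ]; then
        gzip -dc /proc/config.gz
    else
        echo "no kernel config found" >&2
        return 1
    fi
}

# Constructed sample inputs (not taken from a real host).
SAMPLE_OK='CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
CONFIG_SECCOMP_FILTER=y
CONFIG_SECCOMP=y'
SAMPLE_BAD='CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
# CONFIG_SECCOMP is not set'

for sample in "$SAMPLE_OK" "$SAMPLE_BAD"; do
    if printf '%s\n' "$sample" | seccomp_check_config 2>/dev/null; then
        echo "sample: seccomp and seccomp filters enabled"
    else
        echo "sample: seccomp support incomplete"
    fi
done

# Same check against this host.
if kernel_config 2>/dev/null | seccomp_check_config; then
    echo "host: seccomp and seccomp filters enabled"
else
    echo "host: seccomp support not confirmed"
fi
```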


Hardening Docker Container Using Seccomp Security Profile