Secure Computing Mode, also known as Seccomp, is a Linux kernel security feature that helps you run Docker in a more secure environment.
It works like a sandbox: it acts as a firewall for syscalls, letting you restrict the actions that processes inside a Docker container can request from the host's Linux kernel.
In this guide, you will learn how to run a container with and without the Seccomp profile.
To get started with this guide, you need the following:
To verify that your host's kernel supports Seccomp, run the following command in your host's terminal:
Shell
$ grep SECCOMP /boot/config-$(uname -r)
CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
CONFIG_SECCOMP_FILTER=y
CONFIG_SECCOMP=y
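A more defensive version of the check above, as an added example that is not part of the original guide: it matches each option name exactly, falls back to /proc/config.gz when /boot has no config file, and reads the Seccomp field of /proc/self/status to report the current process's mode. The function names are chosen for this example.

```shell
#!/bin/sh
# Added example: report kernel seccomp support and a process's seccomp mode.

# Print the value of one CONFIG_ option in a kernel config file, or "unset".
# The anchored pattern keeps CONFIG_SECCOMP from matching CONFIG_SECCOMP_FILTER.
kconfig_value() {  # $1 = option name, $2 = config file
    v=$(sed -n "s/^$1=\(.*\)$/\1/p" "$2" | head -n 1)
    echo "${v:-unset}"
}

# Succeed only when both seccomp and its BPF filter mode are built in.
seccomp_filter_supported() {  # $1 = config file
    [ "$(kconfig_value CONFIG_SECCOMP "$1")" = y ] &&
    [ "$(kconfig_value CONFIG_SECCOMP_FILTER "$1")" = y ]
}

# Translate the "Seccomp:" field of /proc/<pid>/status into a mode name.
seccomp_mode_name() {  # $1 = status file
    case "$(awk '/^Seccomp:/ {print $2}' "$1")" in
        0) echo disabled ;;
        1) echo strict ;;
        2) echo filter ;;
        *) echo unknown ;;
    esac
}

# Emit the running kernel's config: /boot first, then /proc/config.gz
# (present only when the kernel was built with CONFIG_IKCONFIG_PROC).
live_kconfig() {
    if [ -r "/boot/config-$(uname -r)" ]; then
        cat "/boot/config-$(uname -r)"
    elif [ -r /proc/config.gz ]; then
        gzip -dc /proc/config.gz
    else
        return 1
    fi
}

tmp=$(mktemp)
if live_kconfig > "$tmp" 2>/dev/null; then
    if seccomp_filter_supported "$tmp"; then
        echo "kernel: seccomp filter mode supported"
    else
        echo "kernel: seccomp filter mode NOT supported"
    fi
else
    echo "kernel: config not readable on this host"
fi
if [ -r /proc/self/status ]; then
    echo "this shell: seccomp mode $(seccomp_mode_name /proc/self/status)"
fi
rm -f "$tmp"
```

Pointing `seccomp_mode_name` at `/proc/1/status` from inside a container shows whether a filter is applied to the container's main process.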