seccomp
Enable seccomp (secure computing mode) to perform system call filtering at runtime to increase security of programs
Name | Category | Description |
---|---|---|
bind | net-dns | BIND - Berkeley Internet Name Domain - Name Server |
bind | net-dns | BIND - Berkeley Internet Name Domain - Name Server |
bind-tools | net-dns | bind tools: dig, nslookup, host, nsupdate, dnssec-keygen |
chrony | net-misc | NTP client and server programs |
clsync | app-admin | Live sync tool based on inotify, written in GNU C |
containerd | app-emulation | A daemon to control runC |
cri-o | app-emulation | OCI-based implementation of Kubernetes Container Runtime Interface |
docker | app-emulation | The core functions you need to create Docker images and run Docker containers |
docker-runc | app-emulation | runc container cli tools (docker fork) |
elogind | sys-auth | The systemd project's logind, extracted to a standalone package |
file | sys-apps | identify a file's format by scanning binary data for patterns |
firejail | sys-apps | Security sandbox for any type of processes |
firejail-lts | sys-apps | Security sandbox for any type of processes; LTS branch |
gnome-desktop | gnome-base | Libraries for the gnome desktop that are not part of the UI |
gnutls | net-libs | A TLS 1.2 and SSL 3.0 implementation for the GNU project |
img | app-emulation | Standalone daemon-less unprivileged Dockerfile and OCI container image builder |
kscreenlocker | kde-plasma | Library and components for secure lock screen architecture |
libreswan | net-vpn | IPsec implementation for Linux, fork of Openswan |
lldpd | net-misc | Implementation of IEEE 802.1ab (LLDP) |
lxc | app-emulation | LinuX Containers userspace utilities |