libseccomp
« Back to VersTracker
Description:
Interface to the Linux Kernel's syscall filtering mechanism
Type: Formula  |  Tracked Since: Dec 28, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: security sandboxing linux syscalls c-library
Install: brew install libseccomp
About:
Libseccomp provides a high-level API for constructing and managing seccomp-bpf filters. It allows developers to restrict the system calls an application can make, significantly reducing the kernel attack surface. This library is essential for creating secure sandboxed environments.
Key Features:
  • High-level API for seccomp-bpf filter generation
  • Multi-architecture support (x86, ARM, MIPS, etc.)
  • Rule validation and sanitization
  • Integration with container runtimes
Use Cases:
  • Hardening container workloads by limiting syscalls
  • Creating secure sandboxes for untrusted code execution
  • Reducing the exploitability of compromised applications
Alternatives:
  • Native seccomp-bpf – Libseccomp abstracts away the complexity of raw BPF bytecode, making filter creation safer and more portable.
Version History
Detected Version Rev Change Commit
« Back to VersTracker  |  Browse Packages  |  About