Component Type: kbuild config

More info: This kernel feature is useful for number crunching applications that may need to handle untrusted bytecode during their execution. By using pipes or other transports made available to the process as file descriptors supporting the read/write syscalls, it's possible to isolate those applications in their own address space using seccomp. Once seccomp is enabled via prctl(PR_SET_SECCOMP) or the seccomp() syscall, it cannot be disabled and the task is only allowed to execute a few safe syscalls defined by each seccomp mode. If unsure, say Y.

Build project: Kconfig (Linux kconfig) (Path: arch\Kconfig )

Other views: file explorer