Patches have been proposed for that, but were rejected:
[PATCH] syscalls: Document OCI seccomp filter interactions & workaround https://<email address hidden>/
[RFC PATCH] Linux: Add seccomp probing to faccessat2 https://sourceware.org/pipermail/libc-alpha/2020-November/119955.html
We *really* need to clean this up properly, so that we are prepared if we need to add a new system call as part of a security fix.
Patches have been proposed for that, but were rejected:
[PATCH] syscalls: Document OCI seccomp filter interactions & workaround
https://<email address hidden>/
[RFC PATCH] Linux: Add seccomp probing to faccessat2 /sourceware. org/pipermail/ libc-alpha/ 2020-November/ 119955. html
https:/
We *really* need to clean this up properly, so that we are prepared if we need to add a new system call as part of a security fix.