Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of OpenEmbedded
System Settings
Kernel Configuration
Enable use of Berkeley Packet Filter with seccomp
Enable use of Berkeley Packet Filter with seccomp
An XCCDF Rule
Details
Profiles
Prose
Enable use of Berkeley Packet Filter with seccomp
Medium Severity
Enable tasks to build secure computing environments defined in terms of Berkeley Packet Filter programs which implement task-defined system call filtering polices. The configuration that was used to build kernel is available at
/boot/config-*
. To check the configuration value for
CONFIG_SECCOMP_FILTER
, run the following command:
grep CONFIG_SECCOMP_FILTER /boot/config-*
For each kernel installed, a line with value "y" should be returned.