Packages with the seccomp use flag

Global definition: Enable seccomp (secure computing mode) to perform system call filtering at runtime to increase security of programs.

app-admin

app-admin / clsync : Live sync tool based on inotify, written in GNU C

app-containers

app-containers / containerd : A daemon to control runC

app-containers / crun : A fast and low-memory footprint OCI Container Runtime fully written in C

app-containers / docker : The core functions you need to create Docker images and run Docker containers

app-containers / img : Standalone daemon-less unprivileged Dockerfile and OCI container image builder

app-containers / lxc : A userspace interface for the Linux kernel containment features

app-containers / runc : runc container cli tools

app-crypt

app-crypt / swtpm : Libtpms-based TPM emulator

app-emulation

app-emulation / qemu : QEMU + Kernel-based Virtual Machine userland tools

app-misc

app-misc / pax-utils : ELF utils that can check files for security relevant properties

app-misc / tracker-miners : Collection of data extractors for Tracker/Nepomuk

app-text

app-text / zathura : A highly customizable and functional document viewer

gnome-base

gnome-base / gnome-desktop : Library with common API for various GNOME modules

net-analyzer

net-analyzer / arping : A utility to see if a specific IP is taken and what MAC owns it

net-libs

net-libs / gnutls : A secure communications library implementing the SSL, TLS and DTLS protocols

net-libs / webkit-gtk : Open source web browser engine

net-misc

net-misc / chrony : NTP client and server programs

net-misc / lldpd : Implementation of IEEE 802.1ab (LLDP)

net-misc / memcached : High-performance, distributed memory object caching system

net-misc / ntpsec : The NTP reference implementation, refactored

net-vpn

net-vpn / libreswan : IPsec implementation for Linux, fork of Openswan

net-vpn / ocserv : Openconnect SSL VPN server

net-vpn / tor : Anonymizing overlay network for TCP

sys-apps

sys-apps / file : identify a file's format by scanning binary data for patterns

sys-apps / firejail-lts : Security sandbox for any type of processes; LTS version

  • Enable system call filtering

sys-apps / flatpak : Linux application sandboxing and distribution framework

sys-apps / man-db : A man replacement that utilizes dbm instead of flat files

sys-apps / minijail : helper binary and library for sandboxing & restricting privs of service

sys-apps / systemd : System and service manager for Linux

x11-misc

x11-misc / xwallpaper : Wallpaper setting utility for X