Packages with the seccomp use flag

Global definition: Enable seccomp (secure computing mode) to perform system call filtering at runtime to increase security of programs.

app-admin / clsync : Live sync tool based on inotify, written in GNU C

app-crypt / swtpm : Libtpms-based TPM emulator

app-emulation / containerd : A daemon to control runC

app-emulation / crun : A fast and low-memory footprint OCI Container Runtime fully written in C

app-emulation / docker : The core functions you need to create Docker images and run Docker containers

app-emulation / img : Standalone daemon-less unprivileged Dockerfile and OCI container image builder

app-emulation / lxc : A userspace interface for the Linux kernel containment features

app-emulation / qemu : QEMU + Kernel-based Virtual Machine userland tools

app-emulation / runc : runc container cli tools

app-misc / pax-utils : ELF utils that can check files for security relevant properties

app-misc / tracker-miners : Collection of data extractors for Tracker/Nepomuk

app-text / zathura : A highly customizable and functional document viewer

gnome-base / gnome-desktop : Library with common API for various GNOME modules

net-libs / gnutls : A secure communications library implementing the SSL, TLS and DTLS protocols

net-libs / webkit-gtk : Open source web browser engine

net-misc / chrony : NTP client and server programs

net-misc / lldpd : Implementation of IEEE 802.1ab (LLDP)

net-misc / memcached : High-performance, distributed memory object caching system

net-misc / ntpsec : The NTP reference implementation, refactored

net-vpn / libreswan : IPsec implementation for Linux, fork of Openswan

net-vpn / ocserv : Openconnect SSL VPN server

net-vpn / tor : Anonymizing overlay network for TCP

sys-apps / file : identify a file's format by scanning binary data for patterns

sys-apps / firejail-lts : Security sandbox for any type of processes; LTS version

  • Enable system call filtering

sys-apps / flatpak : Linux application sandboxing and distribution framework

sys-apps / man-db : A man replacement that utilizes berkdb instead of flat files

sys-apps / minijail : helper binary and library for sandboxing & restricting privs of service

sys-apps / systemd : System and service manager for Linux

x11-misc / xwallpaper : Wallpaper setting utility for X