seccomp is enforced in runc.
The call chain looks like this: dockerd -> containerd -> containerd-shim -> runc
You can’t apply a seccomp profile that would prevent runc from being able to run your process.
seccomp is enforced in runc.
The call chain looks like this: dockerd -> containerd -> containerd-shim -> runc
You can’t apply a seccomp profile that would prevent runc from being able to run your process.