
I guess the TL;DR is: This is a cool project, don't get me wrong :)

I just feel that it's difficult to do in Linux's heterogeneous environment where everyone uses their own kernel configuration and libc variant... the reason is not just the difficult C API (with BPF in it...) but it's also the surprises and weak guarantees in the environment where these programs run.

We should at some point be able to do unprivileged sandboxing, but seccomp-bpf may not be the way to do this at scale.



