---

Improving Linux container security with seccomp

Try this method of using an OCI runtime hook for tracing syscalls before you build a container.