Implements a seccomp-bpf filter that allows only specified system calls. Once the filter is installed, attempting to call an unspecified system call will cause the program to terminate.
SyscallFilter filter;
filter.allow(SYS_open);
filter.allow(SYS_read);
filter.allow(SYS_write);
filter.allow(SYS_close);
std::error_code err = filter.install();
This software is licensed under the terms of the MIT License.