I couldn’t perceive why this pull request was merged:
In response to PR:
Allow filtering of system calls utilizing seccomp-bpf: permit solely explicitly allowlisted (anticipated) syscalls to be referred to as.
The syscall sandboxing applied on this PR is an experimental function at the moment out there solely beneath Linux x86-64.
Can somebody assist me perceive how does this assist as as a consumer with examples?