seccomp_filter

[Carsten Mattner]

Can I configure openssh with --sandbox=seccomp_filter and have it still run
on older kernels with sandboxing via rlimit? I'm asking from a linux
distro packaging
point of view. Does --sandbox=seccomp_filter keep the rlimit sandbox?
It looks to
me as if I can only link in one of the sandbox plugins.

An openssh build with seccomp_filter enabled will probably have no sandbox
at all on linux < 3.5. Is that correct? Would it start up linux 3.4 or
3.2 at all?