seccomp-bpf is the exact mechanism behind Chrome's renderer sandbox, Docker's default seccomp profile, and systemd's `SystemCallFilter=`, all of which whitelist a minimal syscall set to shrink the kernel's attack surface for untrusted code. Getting the BPF comparison direction wrong here is a real security bug class: an inverted allow/deny check has shipped in real sandbox escapes, which is why filters are almost always reviewed line-by-line before merging.