[$] The inherent fragility of seccomp()
Kernel developers have worried for years that tracepoints could lead to applications depending on obscure implementation details; the consequent need to preserve existing behavior to avoid causing regressions could end up impeding future development. A recent report shows that the seccomp() system call is also more prone to regressions than users may expect - but kernel developers are unlikely to cause these regressions and, indeed, have little ability to prevent them. Programs using seccomp() will have an inherently higher risk of breaking when software is updated.