We are a group of grad students from Carnegie Mellon University working on a project to analyse the Linux syscalls for vulnerabilities to create custom seccomp profiles. We understand docker has blocked 44 syscalls in its current seccomp profile.
It would be very helpful to us if you could provide us with some pointers to the method used for this analysis.
On a side note we were wondering if docker community has already done the analysis of all the existing Linux syscalls since if that is the case, our project might just be a repititon of the existing work and we may need to shift our focus to the steps required after the analysis