Please consider a different approach to syscall filtering on Linux
shibe
Thu Oct 29 17:26:14 2020
Currently, the syscall whitelist is hardcoded into the program. This can work reliably only if:
1. the program does all syscalls directly, or
2. the program requires certain versions and configurations of all relevant software (like libc and kernel).
The part of dhcpcd to which the syscall filter is applied uses library calls, and thus it can and does fail when libraries (or the kernel) are updated or recompiled with different options. It can also fail on some architectures.
Please consider making syscall filters configurable or delegating this functionality to external programs. For example, systemd has some syscall filtering functionality.
Archive administrator: postmaster@marples.name
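The configurable alternative the post asks for, as an added example that is not dhcpcd's code nor anything from this thread: a seccomp-BPF allowlist assembled at run time from a list of syscall names (one per line, `#` comments), rather than from a table compiled into the binary. It assumes Linux with the `linux/seccomp.h` headers; the name-to-number table is a small constructed sample resolved through the toolchain's `__NR_*` macros, so the same list file yields the right numbers on each architecture the table covers, and an unknown name is treated as a configuration error rather than silently dropped. Non-listed syscalls fail with `ENOSYS` instead of killing the process, which is the easier failure to diagnose when a libc update starts using a syscall the list lacks.

```c
// Added example, not dhcpcd's own code: build a seccomp allowlist from a
// configurable list of names instead of a table compiled into the program.
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#ifndef SECCOMP_RET_KILL_PROCESS
#define SECCOMP_RET_KILL_PROCESS SECCOMP_RET_KILL /* older kernel headers */
#endif

/* The filter checks the architecture token first: syscall numbers differ
 * between architectures, so a list built for one must never be applied
 * to another. Add AUDIT_ARCH_* values here for further targets. */
#if defined(__x86_64__)
#define FILTER_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define FILTER_ARCH AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* Constructed sample table: names resolve through the build target's
 * <sys/syscall.h>, so the numbers follow the architecture automatically. */
struct sc_name { const char *name; int nr; };
#define SC(n) { #n, __NR_##n }
static const struct sc_name known[] = {
    SC(read), SC(write), SC(close), SC(ioctl), SC(brk), SC(mmap),
    SC(munmap), SC(recvmsg), SC(sendto), SC(clock_gettime),
    SC(rt_sigreturn), SC(exit_group),
};

/* Returns the syscall number for a name, or -1 if it is not in the table. */
int resolve_syscall(const char *name)
{
    for (size_t i = 0; i < sizeof known / sizeof known[0]; i++)
        if (strcmp(known[i].name, name) == 0)
            return known[i].nr;
    return -1;
}

/* Parses one name per line; '#' starts a comment, blank lines are skipped.
 * Returns the number of entries, or -1 on an unknown name or overflow: a
 * name this build cannot resolve is a config error, not something to skip. */
int parse_allowlist(const char *text, int *nrs, size_t max)
{
    size_t count = 0;
    while (*text) {
        const char *eol = strchr(text, '\n');
        size_t len = eol ? (size_t)(eol - text) : strlen(text);
        char line[64];
        if (len >= sizeof line)
            return -1;
        memcpy(line, text, len);
        line[len] = '\0';
        text += eol ? len + 1 : len;
        char *hash = strchr(line, '#');
        if (hash)
            *hash = '\0';
        char *name = line;
        while (*name == ' ' || *name == '\t')
            name++;
        char *end = name + strlen(name);
        while (end > name && (end[-1] == ' ' || end[-1] == '\t' || end[-1] == '\r'))
            *--end = '\0';
        if (*name == '\0')
            continue;
        int nr = resolve_syscall(name);
        if (nr < 0 || count >= max)
            return -1;
        nrs[count++] = nr;
    }
    return (int)count;
}

/* Emits the BPF program: verify arch, load nr, allow each listed number,
 * and make everything else return ENOSYS. Returns the instruction count,
 * or 0 when the output buffer is too small. */
size_t build_filter(const int *nrs, size_t n, struct sock_filter *out, size_t cap)
{
    size_t pc = 0;
    if (cap < 4 + 2 * n + 1)
        return 0;
    out[pc++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch));
    out[pc++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, FILTER_ARCH, 1, 0);
    out[pc++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS);
    out[pc++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr));
    for (size_t i = 0; i < n; i++) {
        out[pc++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (unsigned)nrs[i], 0, 1);
        out[pc++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    }
    out[pc++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (ENOSYS & SECCOMP_RET_DATA));
    return pc;
}

/* Applies the program to the calling thread; no_new_privs is required
 * for an unprivileged process to install a seccomp filter. */
int install_filter(struct sock_filter *insns, size_t n)
{
    struct sock_fprog prog = { .len = (unsigned short)n, .filter = insns };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}
```

Usage is the obvious chain: read the list file into a buffer, `parse_allowlist()` it, `build_filter()` the result, and call `install_filter()` in the process that is to be confined. When a library update makes that process need a syscall the list lacks, the symptom is an `ENOSYS` error at the call site, and the fix is one line in the list rather than a rebuild.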