Is there any real point to this?

Is this effectively anything more than a syscall filtered container?

To me, relaying syscalls from a guest in a VM to a host sounds like it is defeating the whole point of the VM!

At least normally a VM doesn’t have direct access to host syscalls — it is confined to the emulated block and network devices which (should) provide a constrained means of access.

Container escapes often happen because of exposure to host kernel interfaces (via syscalls!), and kernel file systems such as /sys and /proc (especially /proc/self shenanigans).

I fear they have reinvented a container, much less efficiently.