## *seitan* was at [DevConf.CZ 2023](https://devconfcz2023.sched.com/event/1MYkc/seitan-a-plant-based-recipe-against-syscall-anxiety)! Check out the [slides](https://seitan.rocks/static/seitan_devconf_2023.pdf) and the [recording](https://seitan.rocks/static/seitan_devconf_2023.webm)
seitan diagram

seitan is a framework to filter, transform and impersonate system calls, enabling privilege reduction in container and virtualisation engines

It allows you to filter and replay only the system calls you need, instead of running things as root, or granting capabilities to processes.
Note that this project and its documentation still have some rough edges! No versions, no packages yet.

Do you want to know more?

Watch the demos below, ask your questions on the users' list, chat with us.

Do you want to contribute?

Send patches to the development list... and chat with us!
## Demo: handle and impersonate `connect()` of a target process in several ways
## Demo: issue `mknod()` on behalf of a Podman container