I tried to run a Tor v0.2.8.0-alpha-dev mid relay in Linux 3.16.0-4-amd64 with the torrc option **"Sandbox 1"**, but I only got this: ``` [warn] This version of Tor was built without support for sandboxing. To build with support for sandboxing on Linux, you must have libseccomp and its necessary header files (e.g. seccomp.h). ``` **Seccomp** is a feature of the Linux kernel that is enabled in (most) contemporary Linux distributions. It restricts a thread to a small number of system calls: **read(), write(), exit() and sigreturn()** - If the thread calls any other system call, the entire process gets terminated. now Seccomp is deprecated. Starting with **Linux 3.16**, the new **seccomp.2 a.k.a. Seccomp-BPF** has a Berkeley Packet Filter (BPF) with optional allowed syscalls other than the above mentioned four syscalls. At the developers choice and according with the application specific tasks. http://man7.org/linux/man-pages/man2/seccomp.2.html 1. I want to know if the tor code is updated and ready for using the Seccomp-BPF to make the "Sandbox 1" operational and what exactly prerequisites and additional compiling parameters are needed to compile tor with the support for sandboxing. Thank you. **Trac**: **Username**: TORques