I would hate to see this be a special purpose thing, when the existing Linux capability concept fits it so well. Require certain capabilities to do all those forbidden system calls, and then exec the tenant program without those capabilities.
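As an added illustration of the approach this comment suggests (example code, not the commenter's or LWN's): a supervisor-side routine that empties its bounding and ambient sets, clears its own capability sets with the raw capset(2) syscall, sets no_new_privs so nothing can be regained across exec, and only then execs the tenant. The tenant path in main() is a placeholder.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/capability.h>

/* Clear this thread's permitted, effective, inheritable and ambient sets via
 * raw capset(2) (no libcap). Shrinking to the empty set is always allowed. */
int clear_own_caps(void) {
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[2] = { { 0, 0, 0 }, { 0, 0, 0 } };
#ifdef PR_CAP_AMBIENT
    prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0);
#endif
    return syscall(SYS_capset, &hdr, data);
}

/* Empty the bounding set so a setuid or file-capability binary run later
 * cannot hand capabilities back. Returns the number of drops that succeeded;
 * 0 when the caller lacks CAP_SETPCAP (each drop then fails with EPERM). */
int drop_bounding_set(void) {
    int dropped = 0;
    for (int cap = 0; prctl(PR_CAPBSET_READ, cap, 0, 0, 0) >= 0; cap++) {
        if (prctl(PR_CAPBSET_DROP, cap, 0, 0, 0) == 0)
            dropped++;
        else if (errno != EPERM)
            return -1;
    }
    return dropped;
}

/* Forbid any privilege gain across future execve; returns 1 once set. */
int set_no_new_privs(void) {
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);
}

/* Supervisor side: shed everything, then exec the tenant. Returns only on failure. */
int exec_tenant(char *const argv[]) {
    if (drop_bounding_set() < 0 || clear_own_caps() != 0 || set_no_new_privs() != 1)
        return -1;
    execvp(argv[0], argv);
    return -1;
}

int main(void) {
    char *const tenant[] = { "/usr/bin/id", NULL }; /* placeholder tenant program */
    return exec_tenant(tenant) == 0 ? 0 : 1;
}
```

Dropping the bounding set needs CAP_SETPCAP, so run the supervisor privileged if the tenant must be unable to regain anything through file capabilities; the remaining steps work for an unprivileged supervisor as well.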
Copyright © 2018, Eklektix, Inc.