That's why I think something like seccomp would be usable. Anything outside of pure computation must be done outside it. No flexibility, nothing. Attack vectors are isolated to the monitor process.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds