|
|
|
|
|
|
by nneonneo
2540 days ago
|
|
|
Linux has seccomp for the same purpose. The most restrictive mode of seccomp permits only read, write and exit, which is good for a jailed CPU-only process (read/write commands from a pipe and exit when done - no opening new files or sockets). |
|
|