*not a security person or an expert on singularity but it advertises that it doesn’t do file system or user isolation by default