[boustrophedon]

Non-root can use seccomp-bpf. Chrome already does.

[londons_explore]

So theres nothing preventing OP implementing what they want entirely in userspace with no kernel changes already?

[jagrsw]

malloc can use mmap (aside from s/brk) - it's impossible these days to sandbox any more complex program and not allow mmap (arguments can be limited though to only a subset of flags).

[londons_explore]

But that would be the same for both this proposed mseal() and my proposed seccomp solution.