[brynet]

It's very difficult to reason about, for instance compare the OpenSSH sshd sandbox implementations.

https://github.com/openssh/openssh-portable/blob/master/sshd...

https://github.com/openssh/openssh-portable/blob/master/sand...

https://github.com/openssh/openssh-portable/blob/master/sand...

https://github.com/openssh/openssh-portable/blob/master/sand...

w/ Capsicum, beyond faffing around with some file descriptors, it's unclear what security cap_enter() adds:

https://github.com/openssh/openssh-portable/blob/master/sand...