tame() sandbox for file


child(....)
{
+       if (tame("stdio cmsg getpw proc", NULL) == -1)
+               err(1, "tame");

        if (geteuid() == 0) {
                pw = getpwunam("file");
                if (pw == NULL)
                        errx(1, "unknown user file\n");
                /* some uid setup */
        }

+       if (tame("stdio cmsg", NULL) == -1)
+               err(1, "tame");

- No filesystem access.  No sockets.
- Files to check provided by parent over fd-passing