alt Hacker NewsCareful, you’re talking to developers now. Chmod is for wizards, Harry. One wouldn’t dream of disturbing the Linux gods with my own chmod magic. /s
Yes, this is indeed the answer. Create a fake root. Create a user. Chmod and chgrp to restrict it to that fake root. ln /bin if you need to. Let it run wild in its own crib.
Though why bother if you can just put it into a namespace? Containers can be much simpler than what all this Docker and Kubernetes shit around suggests.