Sandlock is partly based on seccomp notifications and appears to be implying that they can be safely used for something the seccomp_unotify(2) man page warns against, i.e. to make a security decision to allow a syscall to proceed, which is unsafe due to TOCTOU race conditions. I think this limitation needs to be mentioned at least in the README sections where policy_fn is documented. Additionally, it might be a good idea for every function which returns NotifAction::Continue to explain why it's safe to do so.
Sandlock is partly based on seccomp notifications and appears to be implying that they can be safely used for something the
seccomp_unotify(2)man page warns against, i.e. to make a security decision to allow a syscall to proceed, which is unsafe due to TOCTOU race conditions. I think this limitation needs to be mentioned at least in the README sections wherepolicy_fnis documented. Additionally, it might be a good idea for every function which returnsNotifAction::Continueto explain why it's safe to do so.