(De)Compression is historically one of the most common and easy to exploit attack vectors, given that it usually means parsing untrusted data. While around 70% of software vulnerabilities are related to memory management vulnerabilities, there are still plenty of issues related to logic bugs (Examples). Additionally, even the Rust (de)compression libraries often make use of the unsafe keyword, leaving some potential for memory issues.
To address these risks, one very simple to use solution for modern Linux systems is landlock, which allows a process to restrict its access to the filesystem. Implementing this into ouch would require little effort and provide a decent safety measure against potential issues that allow writing outside the intended directories.
(Note there is an equivalent solution for OpenBSD called unveil, and Windows has an app isolation feature that can be used to implement similar functionality in case this feature is wanted on other platforms as well.)
For a full sandbox that implements proper defenses against code execution vulnerabilities, additional measures like a syscall filter would be required: https://docs.rs/seccomp/latest/seccomp/ (seccomp does require extensive testing on all architectures).
This could be implemented as an additional step, though support for landlock would be the logical first step that addresses most risks with less effort.
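As an added example (not ouch's code and not from the issue author), a dependency-free Rust sketch of the landlock confinement proposed above: it queries the kernel's Landlock ABI, handles every filesystem right that ABI knows, and allows only the operations an extractor needs beneath one output directory. Syscall numbers, struct layouts and access bits follow <linux/landlock.h>; the function name `confine_to` and the `Sandbox` enum are assumptions.

```rust
use std::os::{raw::{c_int, c_long}, unix::io::{AsRawFd, FromRawFd}};
use std::{fs::File, io, path::Path};

extern "C" {
    fn syscall(num: c_long, ...) -> c_long;
    fn prctl(option: c_int, ...) -> c_int;
}
// Landlock syscall numbers are identical on every architecture (Linux >= 5.13).
const SYS_LANDLOCK_CREATE_RULESET: c_long = 444;
const SYS_LANDLOCK_ADD_RULE: c_long = 445;
const SYS_LANDLOCK_RESTRICT_SELF: c_long = 446;
const PR_SET_NO_NEW_PRIVS: c_int = 38;
const LANDLOCK_CREATE_RULESET_VERSION: u32 = 1;
const LANDLOCK_RULE_PATH_BENEATH: u32 = 1;
// LANDLOCK_ACCESS_FS_* bits from <linux/landlock.h>.
const FS_ABI1_ALL: u64 = (1 << 13) - 1; // EXECUTE .. MAKE_SYM, all ABI 1 rights
const FS_REFER: u64 = 1 << 13; // ABI 2: link/rename across directories
const FS_TRUNCATE: u64 = 1 << 14; // ABI 3
// WRITE_FILE | READ_FILE | READ_DIR | REMOVE_DIR | REMOVE_FILE | MAKE_DIR | MAKE_REG:
// what an extractor needs; no EXECUTE, no symlink/device/socket creation.
const FS_EXTRACTOR: u64 = 1 << 1 | 1 << 2 | 1 << 3 | 1 << 4 | 1 << 5 | 1 << 7 | 1 << 8;

#[repr(C)] struct RulesetAttr { handled_access_fs: u64 }
#[repr(C, packed)] struct PathBeneathAttr { allowed_access: u64, parent_fd: i32 }

pub enum Sandbox { Restricted, Unavailable(io::Error) }

/// Irreversibly confine the calling thread to file operations beneath `out_dir`.
pub fn confine_to(out_dir: &Path) -> io::Result<Sandbox> {
    let abi = unsafe { syscall(SYS_LANDLOCK_CREATE_RULESET, std::ptr::null::<RulesetAttr>(), 0usize, LANDLOCK_CREATE_RULESET_VERSION) };
    // No Landlock (ENOSYS) or LSM disabled (EOPNOTSUPP): let the caller decide how to degrade.
    if abi < 0 { return Ok(Sandbox::Unavailable(io::Error::last_os_error())); }
    // Handle every right this kernel knows; requesting bits newer than its ABI fails with EINVAL.
    let mut handled = FS_ABI1_ALL;
    let mut allowed = FS_EXTRACTOR;
    if abi >= 2 { handled |= FS_REFER; } // handled but never allowed: cross-directory moves are denied
    if abi >= 3 { handled |= FS_TRUNCATE; allowed |= FS_TRUNCATE; }
    let attr = RulesetAttr { handled_access_fs: handled };
    let fd = unsafe { syscall(SYS_LANDLOCK_CREATE_RULESET, &attr as *const RulesetAttr, std::mem::size_of::<RulesetAttr>(), 0u32) };
    if fd < 0 { return Err(io::Error::last_os_error()); }
    let ruleset = unsafe { File::from_raw_fd(fd as i32) }; // owns the fd, closed on drop
    let dir = File::open(out_dir)?; // directory fd the PATH_BENEATH rule is anchored to
    let rule = PathBeneathAttr { allowed_access: allowed, parent_fd: dir.as_raw_fd() };
    if unsafe { syscall(SYS_LANDLOCK_ADD_RULE, ruleset.as_raw_fd(), LANDLOCK_RULE_PATH_BENEATH, &rule as *const PathBeneathAttr, 0u32) } < 0 {
        return Err(io::Error::last_os_error());
    }
    // An unprivileged process must give up privilege escalation before restricting itself.
    if unsafe { prctl(PR_SET_NO_NEW_PRIVS, 1usize, 0usize, 0usize, 0usize) } != 0 { return Err(io::Error::last_os_error()); }
    if unsafe { syscall(SYS_LANDLOCK_RESTRICT_SELF, ruleset.as_raw_fd(), 0u32) } < 0 { return Err(io::Error::last_os_error()); }
    Ok(Sandbox::Restricted)
}
```

Call `confine_to` after the output directory exists and before any archive entry is parsed; once restricted, an entry path that escapes the directory fails at open time with EACCES instead of landing on disk.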