I was reading a Docker security article this morning: https://opensource.com/business/15/3/docker-security-future
... and there's talk about leveraging libseccomp bindings to enhance Docker container security. It seems to me that similar security concerns probably exist for mesos deployments (using Docker or not). Has anyone thought of integrating something like this to further isolate mesos container sandboxes? For reference: https://github.com/seccomp/libseccomp -James
