The file
command would seem to be an ideal candidate for sandboxing; it routinely handles
untrusted input. But an effort to add seccomp()
filtering to file for Debian has run aground. The upstream file project has added
support for sandboxing via seccomp() but it does not play well
with other parts of the Debian world, package building in particular. This
situation
provides further evidence that seccomp() filtering is brittle and difficult to use.

Source: LWN.net – [$] Hardening the “file” utility for Debian