About this question
Hard · systems · Quant Developer interview question · systems, linux, security, low-latency, c++
High-frequency trading systems often employ process sandboxing to mitigate the risk of rogue algorithms executing unauthorized system operations, such as opening network connections or accessing sensitive files. Seccomp-BPF (Secure Computing with Berkeley Packet Filter) provides a mechanism to strictly filter system calls at the kernel level, ensuring strategies operate within a defined safety perimeter. Task Implement the StrategySandbox class with a method enforce() that installs a Seccomp-BP