I've made the case in email that interfaces should always be as general as they can be. The counter argument is that interfaces which are too general can be too powerful and hard for containment logic, like seccomp, to properly constrain and predict the outcomes from the various parameters. So lets have that debate. My argument is that essentially we're good enough to handle the power wisely and we can design interfaces, like configfd, to have easy introspection properties for confinement tools, and I'm happy to debate this with anyone on the less power makes easier interfaces side. James
