Description
You're on Hacker News this morning: https://news.ycombinator.com/item?id=26644110
Regarding safety issues, users on HN have suggested using ptrace to intercept syscalls to simulate commands like "rm" and "dd". This seems like it might lead to some frustrating edge cases, though, especially if you're trying to support macOS and Linux.
https://news.ycombinator.com/item?id=26644508
Another user suggested using the seccomp syscall in Linux, or pledge in BSD, to disallow writes from the UP process.
https://news.ycombinator.com/item?id=26644319
Finally, another user suggested using blacklists/whitelists to disallow certain destructive executables.
https://news.ycombinator.com/item?id=26644442
I think all three of these are good ideas with varying levels of complexity. It would protect users who don't realize that this tool can be destructive (or those of us who are absentminded) and perhaps make it possible to use a live search mode again.
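
The allowlist suggestion applied to a live-search gate, as an added Go example that is not part of the original issue or of the project's code: a pipeline is run automatically only if it contains no shell metacharacters and every stage starts with a known read-only command. The function name `safeForLive`, the allowlist contents and the sample pipelines are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed allowlist (an assumption, not taken from the project). Only tools
// with no option that writes a file are listed: sort (-o FILE) and uniq
// (optional OUTPUT operand) are left out on purpose.
var readOnly = map[string]bool{
	"grep": true, "head": true, "tail": true, "cut": true,
	"wc": true, "tr": true, "cat": true,
}

// safeForLive reports whether a pipeline may be executed automatically on each
// keystroke. It is deny-by-default: anything it cannot prove harmless is
// rejected, and the user can still run the pipeline explicitly.
func safeForLive(pipeline string) (bool, string) {
	// Redirection, command substitution, chaining, backgrounding, variable
	// expansion and escapes can all hide a write or a second command.
	if i := strings.IndexAny(pipeline, "><;&`$(){}\\\n"); i >= 0 {
		return false, fmt.Sprintf("shell metacharacter %q", pipeline[i])
	}
	for _, stage := range strings.Split(pipeline, "|") {
		fields := strings.Fields(stage)
		if len(fields) == 0 {
			return false, "empty pipeline stage" // also catches "||"
		}
		// Exact match only: "/bin/rm", "'rm'" or "FOO=1 rm" never match an entry.
		if !readOnly[fields[0]] {
			return false, fmt.Sprintf("command %q is not on the allowlist", fields[0])
		}
	}
	return true, ""
}

func main() {
	for _, p := range []string{ // constructed sample inputs
		"grep -i error | head -n 5 | wc -l",
		"grep foo | rm -rf tmp",
		"cat notes.txt > /etc/hosts",
		"cat | xargs rm",
	} {
		ok, why := safeForLive(p)
		fmt.Printf("%-36q live=%v %s\n", p, ok, why)
	}
}
```

A denylist of names such as "rm" and "dd" would miss the `xargs rm` and redirection cases above, which is why the check is written as an allowlist; it complements rather than replaces OS-level restrictions such as seccomp or pledge.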