I would like the user to specify a list of commands for gathering statistics about the system that he/she is interested in. I would run these under various scenarios automatically. However I'm not quite sure how to sandbox the commands safely.
One option would be to carry a whitelist of allowed commandcommands, but it would need to be maintained. I'd like to be really flexible such as, is it possible to run aan arbitrary command in Linux with read only file permissions?
What are your ideas?