- Tighten down seunshare to create /tmp dir with sticky bit and MS_NODEV | MS_NOSUID | MS_NOEXEC;
- Remove setsid on seunshare so ^c on sandbox will cause apps to exit
- Add dbus-launch --exit-with-session so all processes launched within the sandbox exit with the sandbox
- Clean up error handling so error will get sent back to sandbox tool