Use Landlock to restrict bash calls. (#5)

https://docs.kernel.org/userspace-api/landlock.html
Reviewed-on: #5
Co-authored-by: Drew Galbraith <drew@tiramisu.one>
Co-committed-by: Drew Galbraith <drew@tiramisu.one>

Cargo.toml

@@ -16,6 +16,7 @@ tracing-subscriber = { version = "0.3", features = ["env-filter"] }
 reqwest = { version = "0.13", features = ["stream", "json"] }
 futures = "0.3"
 async-trait = "0.1"
+landlock = "0.4"
 
 [dev-dependencies]
 tempfile = "3.26.0"