[$] Hardening the "file" utility for Debian

The filecommand would seem to be an ideal candidate for sandboxing; it routinely handlesuntrusted input. But an effort to add seccomp()filtering to file for Debian has run aground. The upstream file project has addedsupport for sandboxing via seccomp() but it does not play wellwith other parts of the Debian world, package building in particular. Thissituation provides further evidence that seccomp() filtering is brittle and difficult to use.