Security policy for Sys V message queues

[Darren Landoll]

> AppArmor policy shouldn't be an issue, and we allow these in the default seccomp
> policy:
>
> msgctl
> msgget
> msgrcv
> msgsnd
>

That's good, I think some of the issues I'm currently seeing are
probably more related to running a script that executes a binary that
then does a fork/exec to start up other processes... so I have some
stuff to figure there to make sure all binaries called by fork/exec
have the right permissions, etc.