#!/bin/bash

# Credit to  Ivan Zahariev	 at https://blog.famzah.net/2014/06/04/private-tmp-mount-per-process-in-linux/

TARGET_CMD=$1
NEWTMP="$(mktemp -d)"

chown "root:root" "$NEWTMP"
chmod 770 "$NEWTMP"

unshare --mount -- /bin/bash -c "mount -o bind,noexec,nosuid,nodev '$NEWTMP' /tmp && $TARGET_CMD"