Wrapper to confine quilt with nsjail
Using quilt on untrusted spec files is not secure. For more see this posting by Matthias.
Matthias developed the original exploit, but as described in the posting, any command in %prep is run as the user calling quilt without any limitations. This was (at least to us) unexpected.
If you add an alias quilt=squilt or copy this script as 'quilt' to a directory that is earlier in $PATH you should be able to use it like you use quilt without noticying a difference.