diff --git a/.gitignore b/.gitignore
index 7455fb67d..ec130c78b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -73,3 +73,4 @@
 node_modules/
 *.gz
 .*.swp
+*/venv
diff --git a/bin/intra-jail b/bin/intra-jail
index c57414dbb..556c445e9 100755
Binary files a/bin/intra-jail and b/bin/intra-jail differ
diff --git a/bin/intra-jail-check b/bin/intra-jail-check
index d67080c09..06f0cb6bb 100755
Binary files a/bin/intra-jail-check and b/bin/intra-jail-check differ
diff --git a/bin/jail b/bin/jail
index 50f93f483..49b8dfe57 100755
Binary files a/bin/jail and b/bin/jail differ
diff --git a/bin/jail-check b/bin/jail-check
index 72b0c121f..f2e67e9db 100755
Binary files a/bin/jail-check and b/bin/jail-check differ
diff --git a/git/run.sh b/git/run.sh
index 96b8abaa1..69f133aa6 100644
--- a/git/run.sh
+++ b/git/run.sh
@@ -1,5 +1,4 @@
 #! /bin/bash
 eval "$(pyenv init -)"
 pyenv shell $SORNA_PYTHON_VERSION
-#exec /home/sorna/jail git `pyenv which python` /home/sorna/run.py
-`pyenv which python` /home/sorna/run.py
+exec /home/sorna/jail git `pyenv which python` /home/sorna/run.py
diff --git a/jail/main.go b/jail/main.go
index fd5f28934..1bda120b8 100644
--- a/jail/main.go
+++ b/jail/main.go
@@ -44,6 +44,7 @@ var (
 id_Fork, _ = seccomp.GetSyscallFromNameByArch("fork", arch)
 id_Vfork, _ = seccomp.GetSyscallFromNameByArch("vfork", arch)
 id_Execve, _ = seccomp.GetSyscallFromNameByArch("execve", arch)
+ id_Kill, _ = seccomp.GetSyscallFromNameByArch("kill", arch)
 id_Chmod, _ = seccomp.GetSyscallFromNameByArch("chmod", arch)
 id_Fchmodat, _ = seccomp.GetSyscallFromNameByArch("fchmodat", arch)
 )
@@ -177,6 +178,9 @@ loop:
 if debug {
 l.Printf("fork owner: %s\n", execPath)
 }
+ case id_Kill:
+ targetPid := int(regs.Rdi)
+ allow = (targetPid != pid && targetPid != os.Getpid())
 case id_Execve:
 execPath, _ := utils.GetExecutable(result.pid)
 if execPath == myExecPath {
diff --git a/jail/policy/common.go b/jail/policy/common.go
index 334e408fd..dcb584448 100644
--- a/jail/policy/common.go
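Review bot: The new `exec` line hands the result of an unquoted backtick substitution to the jail as the interpreter path, so if `pyenv which python` fails or prints nothing the remaining arguments shift left and `/home/sorna/run.py` becomes the program the jail launches; `pyenv shell $SORNA_PYTHON_VERSION` two lines up is unquoted in the same way. Resolve the interpreter first and stop when it is missing: `python_bin="$(pyenv which python)" || exit 1` followed by `exec /home/sorna/jail git "$python_bin" /home/sorna/run.py`. The script sets no `set -e`, so a failing `eval` or `pyenv shell` is also ignored before the exec — presumably unintended, but not visible from this hunk.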
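Review bot: The added `case id_Kill` guard only excludes two exact pids, so non-positive targets pass: a pid of 0 addresses the caller's whole process group and -1 every process the caller is permitted to signal, either of which can include the tracer, and the signal number is no longer inspected at all (the policy entry this replaces in jail/policy/common.go allowed only SIGSTOP). The kernel reads kill's pid argument as a 32-bit `pid_t`, so the check should compare the truncated value rather than the full 64-bit register. Suggested: `targetPid := int(int32(regs.Rdi))` and `allow = targetPid > 0 && targetPid != pid && targetPid != os.Getpid()`. `regs.Rdi` also hard-codes the x86_64 first-argument register although syscall ids are resolved per `arch`; the enclosing `switch` in the `loop:` body starts and ends outside the hunk, and where `pid` is set is not visible here — presumably the traced child.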
+++ b/jail/policy/common.go
@@ -1,7 +1,8 @@
 package policy
 import seccomp "github.com/seccomp/libseccomp-golang"
-import "syscall"
+
+//import "syscall"
 var TracedSyscalls []string
 var AllowedSyscalls []string
@@ -59,7 +60,7 @@ func init() {
 // Following syscalls are conditionally allowed.
 ConditionallyAllowedSyscalls = map[string]seccomp.ScmpCondition{
- "kill": {1, seccomp.CompareEqual, uint64(syscall.SIGSTOP), 0},
+ //"kill": {1, seccomp.CompareEqual, uint64(syscall.SIGSTOP), 0},
 }
 // Following syscalls are blindly allowed.
@@ -189,7 +190,7 @@ func init() {
 "getegid",
 "getregid",
 "getresgid",
- "getgroups", // for shell
+ "getgroups", // for shell
 "getcwd",
 "socket",
 "socketpair",
@@ -240,7 +241,7 @@ func init() {
 "setpgid", // for shell
 "getpgrp",
 "getsid",
- "setsid", // for shell
+ "setsid", // for shell
 "gettimeofday",
 "clock_gettime",
 "clock_getres",
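Review bot: The removed `import "syscall"` is kept as the commented-out line `//import "syscall"` plus a new empty line, and the `@@ -59` hunk does the same with `//"kill": {1, seccomp.CompareEqual, uint64(syscall.SIGSTOP), 0},`; git history already preserves both, so delete the lines rather than leave dead code that will drift from the real policy. If the intent is to document why the entry is gone, a one-line comment such as `// kill is checked per call by the tracer in jail/main.go rather than by a seccomp condition.` says more than the disabled code. The `init()` body holding the map starts and ends outside the hunk.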
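Review bot: Removing `"kill"` from ConditionallyAllowedSyscalls drops the SIGSTOP-only condition, but nothing in this diff adds `kill` to `TracedSyscalls`; unless that happens elsewhere, the new `case id_Kill` in jail/main.go is never reached and kill falls to the default seccomp action — fully refused, or unrestricted if the default is allow. Please confirm the traced-list entry (`"kill",`) is part of this change, and note on the map that the pid-based check now lives in the tracer so the two files are read together. The enclosing `init()` starts and ends outside the hunk.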