Cursor's forced indexing is a problem. It pulls `.env` files into its vector database by default, which is a clear data exfiltration risk in any corporate environment.
I've tried:
* Adding `.env` to `.cursorignore` – ignored.
* Setting `"files.exclude"` in Cursor's settings – no effect on indexing.
* The `CURSOR_INDEX_IGNORE` environment variable – undocumented and seems broken.
Current workaround is a wrapper script that uses `unshare` to create a separate mount namespace and bind-mount a dummy file over `.env` before launching Cursor. It's ugly but isolates the file.
```bash
#!/bin/bash
# Inside a private mount namespace, bind-mount an empty file over ./.env and
# exec Cursor there. The rest of the session still sees the real .env, and
# the mount disappears when Cursor exits.
# --map-root-user gives the mount capability without real root; it needs
# unprivileged user namespaces to be enabled on the host.
set -euo pipefail
ENV_FILE="$PWD/.env"
DUMMY="$(mktemp)"   # must outlive the mount, so it is not removed here
exec unshare --mount --map-root-user -- sh -c \
  'mount --bind "$1" "$2" && exec cursor' sh "$DUMMY" "$ENV_FILE"
```
Has anyone found a cleaner solution? A seccomp filter to block the specific `openat` calls Cursor uses during its scan would be ideal, but I haven't traced the exact syscall pattern yet.
Capabilities are a start.
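A host-side check for the mount-namespace wrapper above, added here as an example and not taken from the post: given the PID of the Cursor process the wrapper started and the path to `.env`, it confirms that process really sees a bind mount over the file (via `/proc/PID/mountinfo` and `/proc/PID/root`) instead of trusting that the wrapper worked. The script name `check_mask.sh` is a placeholder.

```shell
#!/bin/bash
# Confirm from outside that a running process (e.g. the Cursor launched by the
# wrapper) sees a bind mount over a file rather than the real file.
# Usage: ./check_mask.sh <pid> <path-to-.env>
set -euo pipefail

# Return 0 if PATH is a mount point inside PID's mount namespace.
# Field 5 of /proc/PID/mountinfo is the mount point; spaces there are
# encoded as \040, and the value is passed via ENVIRON so awk does not
# re-interpret that escape.
is_mount_point_for() {
  local pid=$1 path
  path=$(realpath -m -- "$2")
  P="${path// /\\040}" awk '$5 == ENVIRON["P"] { found = 1 } END { exit !found }' \
    "/proc/$pid/mountinfo"
}

# Return 0 if PID sees a different dev:inode at PATH than this shell does.
# /proc/PID/root resolves paths in the target process's mount namespace.
sees_different_file() {
  local pid=$1 path
  path=$(realpath -m -- "$2")
  [ "$(stat -c %d:%i "/proc/$pid/root$path")" != "$(stat -c %d:%i "$path")" ]
}

if [ $# -eq 2 ]; then
  if is_mount_point_for "$1" "$2" && sees_different_file "$1" "$2"; then
    echo "masked: pid $1 sees a bind mount over $2"
  else
    echo "NOT masked: pid $1 sees the real $2" >&2
    exit 1
  fi
fi
```

Run it with the PID of the `cursor` process as the first argument and the absolute path of the project's `.env` as the second; a non-zero exit means the file is still visible to that process.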