Embodiments of the present invention include a system and method for making it safe to execute downloaded code. The method includes accessing an application, the application making a system call to a library of a computer system for a resource, establishing a requesting thread. The method further includes the library sending a request message to a local security filter; the local security filter validating the requesting thread and returning a digital signature, that uniquely identifies the requesting thread, to the application. The application making a system call to a kernel of the computer system wherein the kernel uses the digital signature from the security filter to validate the requesting thread before allowing access to the requested resource.