Lines Matching full:restrictions

58 space may not know each other's supported restrictions), hence the need
221 security policy; only adding more restrictions is allowed.  These threads are
295 restrictions from its parent.  This is similar to the seccomp inheritance (cf.
308 Ptrace restrictions
312 then be subject to additional restrictions when manipulating another process.
320 Similar to the implicit `Ptrace restrictions`_, we may want to further restrict
480 Threads sandboxed with filesystem restrictions cannot modify filesystem
493 restricted.  However, thanks to the `ptrace restrictions`_, access to such
546 restrict access to files, also implies inheritance of the ruleset restrictions
672 Using user space process to enforce restrictions on kernel resources can lead
682 fine-grained restrictions).  Moreover, their complexity can lead to security