UNISTDX_SYSTEM_SECURITY
enum capabilities: u32
    enum secure_computing_modes
      enum security_bits: u32
      • no_root =SECBIT_NOROOT
      • no_root_locked =SECBIT_NOROOT_LOCKED
      • no_setuid_fixup =SECBIT_NO_SETUID_FIXUP
      • no_setuid_fixup_locked =SECBIT_NO_SETUID_FIXUP_LOCKED
      • keep =SECBIT_KEEP_CAPS
      • keep_locked =SECBIT_KEEP_CAPS_LOCKED
      • no_ambient_raise =SECBIT_NO_CAP_AMBIENT_RAISE
      • no_ambient_raise_locked =SECBIT_NO_CAP_AMBIENT_RAISE_LOCKED
      operator>>(std::istream & in, capabilities & rhs) -> std::istream &
      ambient_set_contains(capabilities cap) -> bool
      UNISTDX_FLAGS(security_bits)
      ambient_set_remove(capabilities cap) -> bool
      secure_computing_mode() -> secure_computing_modes
      operator<<(std::ostream & out, capabilities rhs) -> std::ostream &
      keep_capabilities(bool b) -> void
      to_string(capabilities c) -> const char *
      security_bits(::sys::security_bits s) -> void
      security_bits() -> inline ::sys::security_bits
      no_new_privileges() -> bool
      no_new_privileges(bool value) -> void
      bounding_set_remove(capabilities cap) -> void
      ambient_set_add(capabilities cap) -> bool
      string_to_capability(const char * s) -> capabilities
      keep_capabilities() -> bool
      secure_computing_mode(secure_computing_modes mode) -> void
      bounding_set_contains(capabilities cap) -> bool
      ambient_set_clear() -> bool