allows a program to permanently narrow its own syscall surface at runtime after an initialization phase completes
allows a program to permanently narrow its own syscall surface at runtime after an initialization phase completes