pub fn set_no_new_privs(no_new_privs: bool) -> Result<()>
Set the calling thread’s no_new_privs attribute.
no_new_privs
prctl(PR_SET_NO_NEW_PRIVS,…)