DO NOT MERGE - Full (local) restore security changes

(1) Prevent full restore from creating files/directories that are
    accessible by other applications

(2) Don't restore filesets from "system" packages; i.e. any that run
    as a special uid, unless they define their own agent for handling
    the restore process.

Bug 7168284

This is a cherry-pick from the originating tree.

Change-Id: I9f39ada3c4c3b7ee63330b015e62745e84ccb58f
2 files changed