Add support for the landlock linux security module

Either ts_uinput or the library itself could, after setup, restrict itself to the configured files, devices and so on, see https://docs.kernel.org/userspace-api/landlock.html

Let's implement a first, minimal restriction in a portable way and see how that goes. I'd prefer ts_uinput somehow.