Expand with plugins for privilege separation, hardening and reduced attack surface analysis

[nettrino]

In addition to the common hardening features analyzed in this post it would be nice to perform analysis on more features including

• Seccomp adoption and characteristics
• default permissions on kernel or userland modules, runtime path etc.

This can probably be split into sub-issues.