Full (local) restore security changes

(1) Prevent full restore from creating files/directories that are
    accessible by other applications

(2) Don't restore filesets from "system" packages; i.e. any that runs
    as a special uid, unless they define their own agent for handling
    the restore process.

Bug 7168284

Change-Id: Id6a0cb4c113c2e4a8c4605252cffa41bea22d8a3