Losing the simplicity

It does seem like a fun project, but I shudder thinking of how the utter simplicity will be thrown out for endless complexity. It's bad enough having a bitmask to allow arbitrary syscalls, but to then monitor syscall arguments? Seems to me the word "security" hardly deserves to be treated so shabbily as to be associated with this.