SystemD - Portable Services Profiles

Service mixins profiles:

• trusted: no restrictions are applied apart from a private TMP
• minimal (added): protects system without sandboxing service
• default: number of useful restrictions
• nonnetwork: like default but without networking
• strict: all options turned on
• isolated (added): like strict plus an appendix

Source: https://github.com/systemd/systemd/tree/main/src/portable/profile/user