systemd restrictions on daemons are an excellent feature for daemon security, especially for publicly accessed services. The restrictions are fully configurable and can be removed, so there is nothing to lose if you can control the service definition file. Moreover, at least the GPT LLM is well versed in them, making the unit file easy to write or update.