those are unsafe from different perspectives - AFAIR, io_uring just passed some/many filtering mechanics applied to other subsystems in kernel when say reading/writing files, so security frameworks could not be enforced. Something about auditd subsystem as well.