Security flaw in restrictions policy, FYI.

MrP
Contributor III

FYI for anyone depending on the restrictions policy to lock down their environment, you might want to use a third-party product that is more finely tuned.

Using a configuration profile with the payload Restrictions, I have added "/System/Library/PrivateFrameworks/ScreenReader.framework/" to the disallowed folders list. When you click on "VoiceOver Quickstart" from System Preferences, the VoiceOver Quickstart app from inside that folder is launched via a launchd job. It is not blocked. It seems the restrictions policy cannot properly identify some or all launchd processes, probably because they are being identified as the process 'launchd', so one could launch anything they wanted via a launch agent to get around any 'disallowed folders' in a restrictions payload.
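One way for an admin to audit for the gap the post describes (launchd jobs whose binary lives inside a folder the Restrictions payload is supposed to block), as an added example that is not part of the original post or of any MDM product: parse each launchd job plist, take the executable from Program or ProgramArguments[0], normalize it, and compare it against the disallowed-folder prefixes. The ScreenReader path is the one named in the post; the sample plist, the example label and the job name are constructed for the demonstration.

```python
import os
import plistlib
from pathlib import Path

# Folder prefixes copied from the Restrictions payload's "disallowed folders" list
# (the ScreenReader path is the one named in the post).
DISALLOWED_FOLDERS = ["/System/Library/PrivateFrameworks/ScreenReader.framework/"]

def under_disallowed(path, disallowed=DISALLOWED_FOLDERS):
    """True when the normalized path sits inside one of the disallowed folders."""
    norm = os.path.normpath(path)
    for folder in disallowed:
        base = os.path.normpath(folder)
        if norm == base or norm.startswith(base + os.sep):
            return True
    return False

def flag_job(plist_bytes, disallowed=DISALLOWED_FOLDERS):
    """Parse one launchd job plist; return (label, executable) when the job's binary
    lives under a disallowed folder (it would still run via launchd), else None."""
    job = plistlib.loads(plist_bytes)
    # launchd takes the binary from Program, else from ProgramArguments[0].
    exe = job.get("Program") or (job.get("ProgramArguments") or [None])[0]
    if exe and under_disallowed(exe, disallowed):
        return (job.get("Label", "<no Label>"), exe)
    return None

def scan_launchd_dirs(dirs=("/Library/LaunchAgents", "/Library/LaunchDaemons",
                            os.path.expanduser("~/Library/LaunchAgents"))):
    """Walk the real launchd directories (macOS) and list jobs pointing into disallowed folders."""
    hits = []
    for d in dirs:
        for p in Path(d).glob("*.plist"):
            try:
                hit = flag_job(p.read_bytes())
            except Exception:
                continue  # unreadable or malformed plist: skip it
            if hit:
                hits.append((str(p),) + hit)
    return hits

# Constructed sample job, modelled on the VoiceOver Quickstart case in the post;
# the "/../" segment shows why the path is normalized before the prefix check.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>Label</key><string>example.quickstart</string>
<key>ProgramArguments</key><array><string>/System/Library/PrivateFrameworks/../PrivateFrameworks/ScreenReader.framework/Resources/Quickstart</string></array>
</dict></plist>"""
```

Run `scan_launchd_dirs()` on a Mac to list jobs the payload would not stop; `flag_job(SAMPLE_PLIST)` shows the constructed case being flagged.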
