mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-22 13:33:56 +03:00
TODO: mention the new Landlock LSM as a way to implement sandboxing for systemd --user
This commit is contained in:
parent
e91035abf0
commit
88511a3712
3
TODO
3
TODO
@ -858,6 +858,9 @@ Features:
|
||||
on PID 1 with the relevant signals, and makes relevant files in /sys and
|
||||
/proc (such as the sysrq stuff) unavailable
|
||||
|
||||
* Support ReadWritePaths/ReadOnlyPaths/InaccessiblePaths in systemd --user instances
|
||||
via the new unprivileged Landlock LSM (https://landlock.io)
|
||||
|
||||
* make sure the ratelimit object can deal with USEC_INFINITY as way to turn off things
|
||||
|
||||
* journalctl: make sure -f ends when the container indicated by -M terminates
|
||||
|
Loading…
Reference in New Issue
Block a user