1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-22 13:33:56 +03:00

TODO: mention the new Landlock LSM as a way to implement sandboxing for systemd --user

This commit is contained in:
Luca Boccassi 2021-06-02 19:13:05 +01:00
parent e91035abf0
commit 88511a3712

3
TODO
View File

@ -858,6 +858,9 @@ Features:
on PID 1 with the relevant signals, and makes relevant files in /sys and
/proc (such as the sysrq stuff) unavailable
* Support ReadWritePaths/ReadOnlyPaths/InaccessiblePaths in systemd --user instances
via the new unprivileged Landlock LSM (https://landlock.io)
* make sure the ratelimit object can deal with USEC_INFINITY as way to turn off things
* journalctl: make sure -f ends when the container indicated by -M terminates