mirror of
https://github.com/systemd/systemd.git
synced 2024-12-22 17:35:35 +03:00
TODO: note cgroup.kill and memfd_secret
This commit is contained in:
parent
b1f8d02557
commit
8b213bf12e
3
TODO
3
TODO
@ -262,6 +262,8 @@ Features:
|
||||
|
||||
* pid1: support new clone3() fork-into-cgroup feature
|
||||
|
||||
* pid1: support new cgroup.kill to terminate all processes in a cgroup
|
||||
|
||||
* pid1: also remove PID files of a service when the service starts, not just
|
||||
when it exits
|
||||
|
||||
@ -425,6 +427,7 @@ Features:
|
||||
* paranoia: whenever we process passwords, call mlock() on the memory
|
||||
first. i.e. look for all places we use free_and_erasep() and
|
||||
augment them with mlock(). Also use MADV_DONTDUMP.
|
||||
Alternatively (preferably?) use memfd_secret().
|
||||
|
||||
* Move RestrictAddressFamily= to the new cgroup create socket
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user