[systemd-commits] TODO
Lennart Poettering
lennart at kemper.freedesktop.org
Tue Feb 18 21:07:33 CET 2014
TODO | 6 ++++++
1 file changed, 6 insertions(+)
New commits:
commit 0f3e07b7cc535af3c4ea56c3b28c140c1771fa6a
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Feb 18 21:07:13 2014 +0100
update TODO
diff --git a/TODO b/TODO
index e74aa7e..925d7a5 100644
--- a/TODO
+++ b/TODO
@@ -33,6 +33,10 @@ Preparation for 209:
Features:
+* Add a seccomp-based filter for socket() calls to limit services to
+ specific address families (for example: AF_UNIX), inspired by
+ Android's sandboxing
+
* implement Distribute= in socket units to allow running multiple
service instances processing the listening socket, and open this up
for ReusePort=
@@ -144,6 +148,8 @@ Features:
- pid1: peek into activating message when activating a service
- test bloom filter generation indexes
- introduce sd_bus_emit_object_added()/sd_bus_emit_object_removed() that automatically includes the build-in interfaces in the list
+ - port to sd-resolve for connecting to TCP dbus servers
+ - constructors for bus messages should probably not be OK with a NULL bus pointer
* sd-event
- allow multiple signal handlers per signal?
More information about the systemd-commits
mailing list