Merge pull request #10935 from poettering/rlimit-nofile-safe

Merged by hand to resolve a trivial conflict in TODO.
author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2018-12-06 17:19:21 +0100
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2018-12-06 17:19:21 +0100
commit: 871fa294ff38b7fc0df7ddc2b03ec781d9f0cb8a (patch)
tree: e6832d12fd4f4a8120656ab07491cd0eb70de665 /TODO
parent: f0a43eb821e7b6952977a92cd2ce8a2575f7101a (diff)
parent: 707b3fbd5732c630d1fd0bab6f6e5b8f7130b322 (diff)
download: systemd-871fa294ff38b7fc0df7ddc2b03ec781d9f0cb8a.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/TODO b/TODO
index 41ad24d3bb..3a4eac4b2c 100644
--- a/TODO
+++ b/TODO
@@ -29,6 +29,10 @@ Features:
 
 * when we fork off generators and such, lower LIMIT_NOFILE soft limit to 1K
 
+* Maybe introduce a helper safe_exec() or so, which is to execve() which
+  safe_fork() is to fork(). And then make revert the RLIMIT_NOFILE soft limit
+  to 1K implicitly, unless explicitly opted-out.
+
 * rework seccomp/nnp logic that that even if User= is used in combination with
   a seccomp option we don't have to set NNP. For that, change uid first whil
   keeping CAP_SYS_ADMIN, then apply seccomp, the drop cap.
author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2018-12-06 17:19:21 +0100
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2018-12-06 17:19:21 +0100
commit	871fa294ff38b7fc0df7ddc2b03ec781d9f0cb8a (patch)
tree	e6832d12fd4f4a8120656ab07491cd0eb70de665 /TODO
parent	f0a43eb821e7b6952977a92cd2ce8a2575f7101a (diff)
parent	707b3fbd5732c630d1fd0bab6f6e5b8f7130b322 (diff)
download	systemd-871fa294ff38b7fc0df7ddc2b03ec781d9f0cb8a.tar.gz