mirror of
https://github.com/systemd/systemd
synced 2024-10-06 16:21:34 +00:00
update TODO
This commit is contained in:
parent
eb2a610210
commit
d995ccd7b5
6
TODO
6
TODO
|
@ -121,6 +121,12 @@ Deprecations and removals:
|
|||
|
||||
Features:
|
||||
|
||||
* maybe prohibit setuid() to the nobody user, to lock things down, via seccomp.
|
||||
the nobody is not a user any code should run under, ever, as that user would
|
||||
possibly get a lot of access to resources it really shouldn't be getting
|
||||
access to due to the userns + nfs semantics of the user. Alternatively: use
|
||||
the seccomp log action, and allow it.
|
||||
|
||||
* sd-boot: add a new PE section .bls or so that carries a cpio with additional
|
||||
boot loader entries (both type1 and type2). Then when initializing, find this
|
||||
section, iterate through it and populate menu with it. cpio is simple enough
|
||||
|
|
Loading…
Reference in a new issue