The facilities provided by the kernel for the management of processes have evolved considerably in the last few years, driven mostly by the advent of
the pidfd API. A pidfd is a file
descriptor that refers to a process; unlike a process ID, a pidfd is an unambiguous handle for a process; that makes it a safer, more deterministic
way of operating on processes. Christian Brauner, who has driven much of
the pidfd-related work, is proposing
two new flags for the clone3()
system call, one of which changes the kernel's security model in a
somewhat controversial way.
https://lwn.net/Articles/1059673/
--- SBBSecho 3.34-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)