On Mon, 2008-10-27 at 07:03 -0400, Oren Laadan wrote: > > In our implementation, we simply refused to checkpoint setid > programs. > > True. And this works very well for HPC applications. > > However, it doesn't work so well for server applications, for > instance. > > Also, you could use file system snapshotting to ensure that the file > system view does not change, and still face the same issue. > > So I'm perfectly ok with deferring this discussion to a later time :) Oren, is this a good place to stick a process_deny_checkpoint()? Both so we refuse to checkpoint, and document this as something that has to be addressed later? -- Dave _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers