On Thu, Jan 15, 2009 at 5:57 AM, Stephan Peijnik <stephan@xxxxxxxxxx> wrote: > > So Paul, do you think the interface would be of any use to you? Potentially, yes. My concern was that we not add another new (incomplete) userspace API in cgroups for doing socket permissions - hooking into iptables was one way to do it, but if sactl is going to become the official way to do this, then hooking a cgroups filter into that seems like a good alternative. Paul _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers