On 6/8/2012 5:17 AM, Daniel Godás wrote: > I guess my point is --close-all-fds was actually useful and I think > removing it should be reconsidered. > > Regards, > Dan
I don't think that this necessarily needs to be reconsidered but perhaps a more formal method to establish a communication channel between host and container. I am thinking of something in the spirit of the Serial I/O host-guest communication channel implemented for KVM. I recall there was a lot of discussion over this feature with some suggesting just to establish a network connection. In the end it was agreed that some communication channel independent of the network stack was necessary. Like-wise in the container world I think we could benefit from a formal way to establish a communication channel between the host and a container. Thoughts? V/r, Daniel ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
