Richard Braun, le Thu 12 Sep 2013 10:33:23 +0200, a écrit : > On Thu, Sep 12, 2013 at 08:24:41AM +0200, Samuel Thibault wrote: > > Richard Braun, le Thu 12 Sep 2013 01:57:10 +0200, a écrit : > > > How come it appears in the output of rpctrace then ? > > > > As I said, glibc probably nicely uses the RPC instead of the trap. > > Then why are we discussing interposing system calls ?
Because a malicious program can still use the trap to escape whatever cgroup system we are setting up. Samuel
