Isolate: Updating TODO

[eval.git] / TODO

diff --git a/TODO b/TODO
index 28ef3f3174848f4a9171902579d99e5a84347c84..6655fd21004447fcf6dd6fb2b8d82c19dad3cf9a 100644 (file)
--- a/TODO
+++ b/TODO
@@ -33,3 +33,15 @@ recursive try-ln for dir input
 clean and well-defined expansion (beware of per-test re-expansion)
 configurable names of in/out files (independent of $PROBLEM)
 paranoidly check file mode/owner before running the sandbox
+
+Isolate
+~~~~~~~
+Make the list of bind-mounts configurable (some of them even read-only)
+Virtual /dev
+Installation
+Test: ptrace self
+Test: SIGSTOP
+Test: ping-pong timing attacks
+Test: big static memory
+Examine the use of taskstats for measuring memory
+Doc: mount -t cgroup none -o cpuset,cpuacct,memory /sys/fs/cgroup