Systems

I’ve talked before about the problems I’ve had with the current clone/fork situation, now it’s time to get into solutions.

I’ve recently mentioned my issues with clone(), though I stopped short of proposing something better. A big part of that is that if I were to propose something better, I’d have to address the other major issues with process creation on *nix.

The clone system call needs a better wrapper, at least on Linux. See, you might have heard about this neat containers thing. Run processes with some actual separation and (the start of) security! Let yourself feel the freedom! And they’re great… as long as you’re not calling the libc functions yourself.