{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreicolhtg46s3t6o6vb6vqsjintnr7q65jacrevz4txjdq26oo25xwi",
    "uri": "at://did:plc:b3tz6srl4ochk2wxn6dv6xpy/app.bsky.feed.post/3mfoihmvw66c2"
  },
  "path": "/Articles/1059673/",
  "publishedAt": "2026-02-24T15:26:51.000Z",
  "site": "https://lwn.net",
  "tags": [
    "pidfd API",
    "proposing two new flags",
    "`clone3()`"
  ],
  "textContent": "The facilities provided by the kernel for the management of processes have evolved considerably in the last few years, driven mostly by the advent of the pidfd API. A pidfd is a file descriptor that refers to a process; unlike a process ID, a pidfd is an unambiguous handle for a process; that makes it a safer, more deterministic way of operating on processes. Christian Brauner, who has driven much of the pidfd-related work, is proposing two new flags for the `clone3()` system call, one of which changes the kernel's security model in a somewhat controversial way.",
  "title": "[$] As ye clone(), so shall ye AUTOREAP"
}