[Exherbo-dev] Current status of sandboxing
levertond at googlemail.com
Sun Nov 13 22:55:25 GMT 2011

On Sunday 13 November 2011 22:28:35 Ciaran McCreesh wrote:
> Realistically, we can't protect against malicious build systems. Our
> target should be stupid or buggy build systems that mess around with
> things on /. That's still a very wide goal, since there are lots of
> ways to screw up, but it does mean that if a process can circumvent
> sandboxing in some deliberate way then it's not a huge problem.

It would, however, be nice to be able to safely generate metadata from
untrusted packages. This is probably a lot easier than for the actual build
as a lot of operations can be banned entirely for metadata generation, rather
than just limited.