On Fri, 1 Oct 2004 11:30:42 +0200, Paul de Vrieze <pauldv@g.o> wrote:
...
> Sandbox should never ever be regarded as a security measure. It isn't. It
> is almost trivial to subvert the sandbox. The reason for its
> effectiveness is solely that its purpose is to protect against
> accidental installing outside of the destination directory and so
> subverting the package management (in short protecting against bad
> makefiles and ebuilds). It IS NOT SECURE.
>
|
So, if builds (and installs to temporary target) were done as a
regular user, wouldn't that obviate the need for a sandbox at all?
Also, this would make things a lot safer on macos (and presumably
BSD), where the sandbox does not work.

Thanks,

Chris

--
gentoo-dev@g.o mailing list