1 |
On Thu, 15 May 2014 16:48:24 +0100 |
2 |
Ciaran McCreesh <ciaran.mccreesh@××××××××××.com> wrote: |
3 |
|
4 |
> Sandboxing isn't about security. It's about catching mistakes. |
5 |
|
6 |
Ciaran has a point here. Thomas, you assumed that network-sandbox is |
7 |
the only thing stopping an ebuild from accessing local services or the |
8 |
internet. However, even with network-sandbox being enabled such |
9 |
behaviour would still constitue a major bug which would be fixed by the |
10 |
devs. |
11 |
|
12 |
So yes, network-sandbox (and same goes for ipc-sandbox) is mainly a |
13 |
debugging aid for developers which will help them spot such problems |
14 |
more easily. |
15 |
|
16 |
|
17 |
-- |
18 |
Regards, |
19 |
Luis Ressel |