| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
Marijn Schouten wrote: |
| 5 |
> 3) security. When installing a package, it only has write access to its |
| 6 |
> own directory. I'm guessing they do this with ACLs. |
| 7 |
> |
| 8 |
> So we have this cool package manager which supports 1) and 2), but not |
| 9 |
> 3) I think, and they have almost no package manager, but it supports 1), |
| 10 |
> 2) and 3). |
| 11 |
|
| 12 |
Gentoo has this feature, too. It's provided by a package called |
| 13 |
sys-apps/sandbox. It's a dependency of portage on all glibc and uclibc |
| 14 |
systems (so, it's part of any standard Gentoo/Linux install). It |
| 15 |
prevents packages from touching anything outside of their build |
| 16 |
directory, or an image directory where it is installed before portage |
| 17 |
merges the files into the live filesystem. |
| 18 |
|
| 19 |
- -- |
| 20 |
Mike Kelly |
| 21 |
-----BEGIN PGP SIGNATURE----- |
| 22 |
Version: GnuPG v1.4.3 (MingW32) |
| 23 |
|
| 24 |
iD8DBQFFgzZKokMzJ47YCzoRAh/RAJsHLn4hd0EyoirGWtrzpWJi2EpprwCgpkBU |
| 25 |
8zgguiyibYouS6F2X96Ser8= |
| 26 |
=IhAp |
| 27 |
-----END PGP SIGNATURE----- |
| 28 |
|
| 29 |
-- |
| 30 |
gentoo-dev@g.o mailing list |
Archives