1 |
On 11/02/14 01:36, Jason A. Donenfeld wrote: |
2 |
> Hey folks, |
3 |
> |
4 |
> Late night clicking-while-drooling, I came across something a few |
5 |
> minutes ago that mildly piqued my interest -- mbox |
6 |
> <http://pdos.csail.mit.edu/mbox/>. It's a sandbox that uses a |
7 |
> combination of ptrace and seccomp bpf; neither ours nor exherbo's uses |
8 |
> both of these together. The killer feature, for us, that's motivating |
9 |
> me to write to this list, is that it creates a "shadow file system", |
10 |
> and then has the option to commit the changes of that file system to |
11 |
> the real file system, piece by piece, when the process is done. It |
12 |
> made me think of some discussions we had at FOSDEM about Portage |
13 |
> evolution and whatnot. I haven't looked at this tool past an initial |
14 |
> glance, but it does look like interesting food for thought. |
15 |
> |
16 |
> Jason |
17 |
> |
18 |
|
19 |
At FOSDEM I have seen this interesting talk[1,2] on a similar subject. |
20 |
PRoot[3] would be similar to mbox. But CARE[4] might be great to |
21 |
reproduce build problems on user machines. |
22 |
|
23 |
justin |
24 |
|
25 |
1 https://fosdem.org/2014/schedule/event/syscall/ |
26 |
2 |
27 |
http://ftp.belnet.be/FOSDEM/2014/H2215_Ferrer/Saturday/Software_engineering_tools_based_on_syscall_instrumentation.webm |
28 |
3 http://proot.me/ |
29 |
4 http://reproducible.io/ |