| 1 |
On 11/02/14 01:36, Jason A. Donenfeld wrote: |
| 2 |
> Hey folks, |
| 3 |
> |
| 4 |
> Late night clicking-while-drooling, I came across something a few |
| 5 |
> minutes ago that mildly piqued my interest -- mbox |
| 6 |
> <http://pdos.csail.mit.edu/mbox/>. It's a sandbox that uses a |
| 7 |
> combination of ptrace and seccomp bpf; neither ours nor exherbo's uses |
| 8 |
> both of these together. The killer feature, for us, that's motivating |
| 9 |
> me to write to this list, is that it creates a "shadow file system", |
| 10 |
> and then has the option to commit the changes of that file system to |
| 11 |
> the real file system, piece by piece, when the process is done. It |
| 12 |
> made me think of some discussions we had at FOSDEM about Portage |
| 13 |
> evolution and whatnot. I haven't looked at this tool past an initial |
| 14 |
> glance, but it does look like interesting food for thought. |
| 15 |
> |
| 16 |
> Jason |
| 17 |
> |
| 18 |
|
| 19 |
At FOSDEM I have seen this interesting talk[1,2] on a similar subject. |
| 20 |
PRoot[3] would be similar to mbox. But CARE[4] might be great to |
| 21 |
reproduce build problems on user machines. |
| 22 |
|
| 23 |
justin |
| 24 |
|
| 25 |
1 https://fosdem.org/2014/schedule/event/syscall/ |
| 26 |
2 |
| 27 |
http://ftp.belnet.be/FOSDEM/2014/H2215_Ferrer/Saturday/Software_engineering_tools_based_on_syscall_instrumentation.webm |
| 28 |
3 http://proot.me/ |
| 29 |
4 http://reproducible.io/ |
Archives