1 |
Jason Stubbs wrote: |
2 |
> On Monday 22 August 2005 12:52, Drake Wyrm wrote: |
3 |
> |
4 |
>>Alec Warner <warnera6@×××××××.edu> wrote: |
5 |
>> |
6 |
>>>Was talking with Brian about the build environment and how settings |
7 |
>>>were to be passed into the build environment. |
8 |
>>> |
9 |
>>>Essentially three scenarios were presented. |
10 |
>> |
11 |
>>Snip and summary: |
12 |
>> |
13 |
>>1) Pass everything |
14 |
>> |
15 |
>>2) Blacklist and strip bad stuff |
16 |
>> |
17 |
>>3) Whitelist good stuff; strip everything else |
18 |
>> |
19 |
>> |
20 |
>>>To me 1) is unacceptable and 3) is the best option. Feel free to |
21 |
>>>shoot these down as you see fit ;) |
22 |
>> |
23 |
>>Option 4: Strip everything. |
24 |
>> |
25 |
>>Nothing is passed from the original environment; everything passed in the |
26 |
>>environment is considered to be a "portage variable". This, I suppose, |
27 |
>>is an extreme case of the whitelist. |
28 |
> |
29 |
> |
30 |
> Well, I'll go against the flow. ;) |
31 |
> |
32 |
> My preference would go 4, 3, 2 then 1. While Makefiles and configure scripts |
33 |
> may be "broken" upstream, how long is it before the breakage goes |
34 |
> unnoticed? More importantly, what's the chances of a dev finding the |
35 |
> breakage before users? Cleansing the environment to me is akin to using |
36 |
> sandbox. It offers protection against misbehaving packages... |
37 |
> |
38 |
|
39 |
Good point. How about if we add environment sandboxing support (in addition to filesystem sandboxing) to sandbox. With an environment sandbox, we could detect specifically which variables a build is fragile with regard to. The sandbox would have both filesystem access and environment access violation summaries. |
40 |
|
41 |
Zac |
42 |
-- |
43 |
gentoo-portage-dev@g.o mailing list |