1 |
On Mon, 2019-02-04 at 14:48 +0100, Alexis Ballier wrote: |
2 |
> On Mon, 04 Feb 2019 14:28:28 +0100 |
3 |
> Michał Górny <mgorny@g.o> wrote: |
4 |
> |
5 |
> > On Mon, 2019-02-04 at 11:58 +0100, Alexis Ballier wrote: |
6 |
> > > On Sun, 03 Feb 2019 20:28:49 +0100 |
7 |
> > > Michał Górny <mgorny@g.o> wrote: |
8 |
> > > |
9 |
> > > > --- |
10 |
> > > > What do you think? |
11 |
> > > > |
12 |
> > > |
13 |
> > > What is the difference with sunrise ? |
14 |
> > |
15 |
> > The difference, as noted in the mail, is that it doesn't rely |
16 |
> > on developers having time to review ebuilds. Therefore, it is less |
17 |
> > likely to die because of developers lacking time to review stuff. |
18 |
> |
19 |
> |
20 |
> Then I fear you will see the same pitfalls, and it already started: I |
21 |
> recall sunrise haters being very strongly against the idea because, |
22 |
> TBH, our sandboxing mechanism isn't a real sandbox. It may have |
23 |
> improved, but I doubt it's up to the point that we can safely run |
24 |
> untrusted code there. |
25 |
|
26 |
Sandboxing has nothing to do with security, and trying to 'improve' its |
27 |
security is a waste of time. What's the point of preventing ebuilds |
28 |
from doing malicious things at build time if they can install files that |
29 |
do malicious things afterwards? |
30 |
|
31 |
> |
32 |
> |
33 |
> > |
34 |
> > > One of the advantages of sunrise is that it had 2 repos: One |
35 |
> > > unreviewed, without Gentoo official name and big fat warnings, one |
36 |
> > > reviewed by devs more widely available. |
37 |
> > |
38 |
> > No. |
39 |
> > |
40 |
> > First of all, they weren't really two repos -- they were more like |
41 |
> > private and public branches which were made into two repos due to |
42 |
> > technical limitations. With the public branch getting all the commits |
43 |
> > from private branch merged. |
44 |
> |
45 |
> |
46 |
> Yeah, that's the same idea but modernized. |
47 |
> |
48 |
> |
49 |
> > Secondly, both branches were reviewed. The difference is that people |
50 |
> > were supposed to ask for (IRC) review before committing to the first |
51 |
> > branch, and only developers were allowed to merge to the second |
52 |
> > branch. |
53 |
> |
54 |
> That's also the same idea to me. |
55 |
|
56 |
I was correcting your mistakes about Sunrise, not describing GURU. |
57 |
|
58 |
-- |
59 |
Best regards, |
60 |
Michał Górny |