Re: PPAs for Debian

To: debian-devel@lists.debian.org
Subject: Re: PPAs for Debian
From: Roland Mas <lolando@debian.org>
Date: Wed, 04 May 2011 09:18:31 +0200
Message-id: <[🔎] 874o5bszlj.fsf@mirexpress.internal.placard.fr.eu.org>
In-reply-to: <[🔎] 20110504055747.GB3613@glandium.org> (Mike Hommey's message of "Wed, 4 May 2011 07:57:47 +0200")
References: <4DB99028.5020005@dogguy.org> <[🔎] 20110504040247.GD10411@kirya.net> <[🔎] BANLkTikZoQCZsO2G3=--rBZgdTPAuC39dw@mail.gmail.com> <[🔎] 201105040123.25531.debian@kitterman.com> <[🔎] 20110504055747.GB3613@glandium.org>

Mike Hommey, 2011-05-04 07:57:47 +0200 :

[...]

> Add to that that allowing random people to upload packages to be built
> on Debian build daemons is a recipe to have the buildds compromised.

  My initial idea about how one would go about implementing them
involved very strict isolation of the builds (either with LXC or a more
heavy-handed virtualisation system).  Not going to be very efficient in
the slow path, but the scope of a compromise would be a temporary
environment that's going to be thrown away in a minute or so and never
reused.

Roland.
-- 
Roland Mas

Shyumiribirikku ga susunde imashyou ka ?
  -- Le Schmilblick en japonais

Reply to:

Follow-Ups:
- Re: PPAs for Debian
  - From: Marc 'HE' Brockschmidt <he@ftwca.de>

References:
- Re: PPAs for Debian
  - From: Julien Valroff <julien@debian.org>
- Re: PPAs for Debian
  - From: Paul Tagliamonte <paultag@ubuntu.com>
- Re: PPAs for Debian
  - From: Scott Kitterman <debian@kitterman.com>
- Re: PPAs for Debian
  - From: Mike Hommey <mh@glandium.org>

Prev by Date: Re: PPAs for Debian
Next by Date: Re: Reporting same bug in different packages
Previous by thread: Re: PPAs for Debian
Next by thread: Re: PPAs for Debian
Index(es):
- Date
- Thread