network access during package build (was Re: Bug#759762: ITP: libz-mingw-w64 -- compression library (targeting Windows))
On Mon, 1 Sep 2014, Adam Borowski wrote:
> Also, should we detect all other attempts to contact the outside network,
> and swat such builds with extreme prejudice?
Yes. These can be privacy breeches, licence violations (download
things that change what gets embedded into the packages), and
all other sorts of nasties. There may be no network access during
a Debian package build; the switchover is usually between installing
the B-D and extracting the source package, at most directly after
the latter.
(I’m aware that there is still *too* much “disable the network” in
pbuilder. Sorry for not having had the time to work on that. I’ll
try to do so shortly.)
bye,
//mirabilos
--
Sometimes they [people] care too much: pretty printers [and syntax highligh-
ting, d.A.] mechanically produce pretty output that accentuates irrelevant
detail in the program, which is as sensible as putting all the prepositions
in English text in bold font. -- Rob Pike in "Notes on Programming in C"
Reply to: