Re: Network access during build

To: Vincent Bernat <bernat@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: Network access during build
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Wed, 7 Sep 2016 12:45:55 +0100
Message-id: <[🔎] 22479.65011.955258.119306@chiark.greenend.org.uk>
In-reply-to: <[🔎] m3inu8nva7.fsf@neo.luffy.cx>
References: <[🔎] m3inu8nva7.fsf@neo.luffy.cx>

Vincent Bernat writes ("Network access during build"):
> The fix is easy: just disable the test.
> 
> However, I have a hard time to find this useful for anyone. To sum up:
> 
>  - patching the test suite requires maintaining the patch forever

If it is hard to maintain such a trivial patch forever, then our
processes are entirely wrong.

>  - both pbuilder and sbuild are using an isolated network namespace

This is doesn't necessarily help with package builds done in other
contexts (eg by a user for development).  And it is not true at all on
non-Linux kernels.

>  - package builds reproducibly with or without network access

You have not addressed the information leak.

> I have the impression that enforcing every word of the policy in the
> hard sense can bring endless serious bugs. This particular occurrence
> affected about 70 packages. I appear as a bad maintainer because I don't
> feel this is an important bug.
> 
> Any thoughts?

I'm disappointed that you are willing to put so much effort into not
fixing something which you do seem to accept is a bug.

Ian.

-- 
Ian Jackson <ijackson@chiark.greenend.org.uk>   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.

Reply to:

References:
- Network access during build
  - From: Vincent Bernat <bernat@debian.org>

Prev by Date: Bug#836936: ITP: python-confluent-kafka -- Python library to interact with Apache Kafka
Next by Date: Re: Alternative solution
Previous by thread: Re: Network access during build
Next by thread: Re: Network access during build
Index(es):
- Date
- Thread