Bug#813471: network access to the loopback device should be allowed
Hi!
On Tue, 2016-02-02 at 20:46:03 +0900, Osamu Aoki wrote:
> Package: debian-policy
> Severity: normal
>
> Bug #770016 "Clarify network access for building packages in main"
> was about not downloading files via network. This created new lines in
> 4.9 as:
>
> | For packages in the main archive, no required targets may attempt
> | network access.
>
> This is too restrictive.
>
> The build target of devscripts has several tests testing http acess to
> the http server on the loopback device.
>
> But the above new policy lines may be considered to prohibit this.
>
> I thought the this should be more like:
>
> | For packages in the main archive, no required targets may attempt
> | network access except for the access to the loopback device.
> I understand downloading from Debian or non-Debian web site is bad for
> buildd but network operation to the loopback device (like http access)
> should be OK.
This is probably too restrictive too. It would not allow local access
through TAP device or other similar things. It might be better to just
say something like:
| For packages in the main archive, no required targets may attempt
| network access outside the current machine.
or something along those lines.
Thanks,
Guillem
Reply to: