Hi Martin,
> Sorry, but "leaking privacy" is not convincing at all. A machine that
> builds packages downloads packages from the configured mirror via apt
> all the time
Let's distinguish two distinct questions here; I fear we are jumping
between the two when making our points:
a) whether a package build can access/ping/whatever random-site.org
during build.
b) whether a package build can obtain "further" packages via the configured
apt mirror.
To me, "a" is an obvious privacy leak. "b" is absolutely fine as long its
the configured mirror (not, for example, some hardcoded global APT mirror).
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
