Hi, Jeremy, Jeremy Drake wrote:
>>> Another possibility would be to test these patches in some kind of virtual >>> machine that gets blown away every X days, so that even if someone did get >>> something malicious in there it wouldn't last long. > > Or just have a snapshot which is reverted after each run, and read-only > access to files used to do the build. I know vmware supports this, > probably others too... A chroot / fakeroot combined with unionfs should do the same, probably with less effort. There are other user-mode jail projects that also block networking. Markus -- Markus Schaber | Logical Tracking&Tracing International AG Dipl. Inf. | Software Development GIS Fight against software patents in Europe! www.ffii.org www.nosoftwarepatents.org
signature.asc
Description: OpenPGP digital signature
