On Fri, 7 Oct 2011 08:27:01 +1100 Cameron Simpson <c...@zip.com.au> wrote: > > 2: Root _can_ corrupt things anywhere in the system (within the VM, of > course, but the builtbot is a subset of it). A normal unprivileged user > will not have write permission to thing like: > the OS image > the compilers > the system commands > other user data areas > all of which offer avenues to corrupt the built/test scenario. > And if it is not a special purpose VM, the corrupt things for other > uses and users of the system.
Why do you think it is not a special purpose VM? Also, if you think there's a security problem, why don't you take it in private with the buildbot owner instead of making such a fuss on a public mailing-list? > The prudent way to run the buildbots, especially if they cycle > (refetch newer codebase, rebuilt, retest) instead of (scrub VM, > reinstall, install built system, etc) is: > > - a user to fetch source and dispatch builds > - possibly a distinct user to run the builds > - definitely a distinct user to run the test suite Your contribution is definitely welcome. Thanks Antoine. _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
