On Sun, Jan 03, 2010 at 11:36:46AM +0900, Junichi Uekawa wrote:
Hi,
At Sat, 2 Jan 2010 17:39:17 +0100,
Mike Hommey wrote:
On Sat, Jan 02, 2010 at 05:36:47PM +0100, Mike Hommey wrote:
On Sat, Jan 02, 2010 at 05:28:23PM +0100, Loïc Minier wrote:
On Sat, Jan 02, 2010, Mike Hommey
ermm...
why are you talking about CLONE_NEWPID.
I think you wanted to talk about CLONE_NEWUSER so that same UID won't affect
outside the chroot.
At Sun, 03 Jan 2010 11:36:46 +0900,
Junichi Uekawa wrote:
Hi,
At Sat, 2 Jan 2010 17:39:17 +0100,
Mike Hommey wrote:
On Sat, Jan 02, 2010
On Mon, Jan 04, 2010 at 08:20:40AM +0900, Junichi Uekawa wrote:
ermm...
why are you talking about CLONE_NEWPID.
To prevent processes in the chroot to access processes outside the
chroot.
I think you wanted to talk about CLONE_NEWUSER so that same UID won't affect
outside the chroot.
Does
clone 430765 -1
retitle -1 SECURITY: Host user 1234 can tamper with build chroot
tag -1 + security
stop
On Thu, Jun 28, 2007, Junichi Uekawa wrote:
The permissions get all wrong. I initially tried bind-mounting, but
suddenly
a random user from the outside can fiddle with your ccache.
On Sat, Jan 02, 2010 at 05:16:38PM +0100, Loïc Minier wrote:
clone 430765 -1
retitle -1 SECURITY: Host user 1234 can tamper with build chroot
tag -1 + security
stop
On Thu, Jun 28, 2007, Junichi Uekawa wrote:
The permissions get all wrong. I initially tried bind-mounting, but
On Sat, Jan 02, 2010, Mike Hommey wrote:
Shouldn't pbuilder try to use the original user uid ? I, for one, set
BUILDUSERID to my own uid...
Oh that would work too; I think I would prefer pbuilder using a
separate user id since the build might do evil things e.g. killall.
--
Loïc Minier
On Sat, Jan 02, 2010 at 05:28:23PM +0100, Loïc Minier wrote:
On Sat, Jan 02, 2010, Mike Hommey wrote:
Shouldn't pbuilder try to use the original user uid ? I, for one, set
BUILDUSERID to my own uid...
Oh that would work too; I think I would prefer pbuilder using a
separate user id since
On Sat, Jan 02, 2010 at 05:36:47PM +0100, Mike Hommey wrote:
On Sat, Jan 02, 2010 at 05:28:23PM +0100, Loïc Minier wrote:
On Sat, Jan 02, 2010, Mike Hommey wrote:
Shouldn't pbuilder try to use the original user uid ? I, for one, set
BUILDUSERID to my own uid...
Oh that would work
Hi,
At Sat, 2 Jan 2010 17:39:17 +0100,
Mike Hommey wrote:
On Sat, Jan 02, 2010 at 05:36:47PM +0100, Mike Hommey wrote:
On Sat, Jan 02, 2010 at 05:28:23PM +0100, Loïc Minier wrote:
On Sat, Jan 02, 2010, Mike Hommey wrote:
Shouldn't pbuilder try to use the original user uid ? I, for
Hi,
The permissions get all wrong. I initially tried bind-mounting, but
suddenly
a random user from the outside can fiddle with your ccache. That is not a
good thing.
I don't think that's too much of a problem if the way ccache works is
what I think it does.
Could you outline your
Package: pbuilder
Version: 0.170
Severity: wishlist
Tags: patch
Hi,
As discussed on the boat under DebConf, here's a patch to enable ccache
support in pbuilder. I've only tested it lightly, but it seems to work
well.
-- System Information:
Debian Release: lenny/sid
APT prefers oldstable
APT
On Wed, Jun 27, 2007 at 10:34:11AM +0200, Steinar H. Gunderson [EMAIL
PROTECTED] wrote:
Package: pbuilder
Version: 0.170
Severity: wishlist
Tags: patch
Hi,
As discussed on the boat under DebConf, here's a patch to enable ccache
support in pbuilder. I've only tested it lightly, but it
On Wed, Jun 27, 2007 at 08:10:39PM +0200, Mike Hommey wrote:
I looks a bit overkill to copy the cache over... why not just bind mount
it ?
The permissions get all wrong. I initially tried bind-mounting, but suddenly
a random user from the outside can fiddle with your ccache. That is not a
good
Hi,
I looks a bit overkill to copy the cache over... why not just bind mount
it ?
The permissions get all wrong. I initially tried bind-mounting, but suddenly
a random user from the outside can fiddle with your ccache. That is not a
good thing.
I don't think that's too much of a problem
On Thu, Jun 28, 2007 at 08:12:38AM +0900, Junichi Uekawa wrote:
The permissions get all wrong. I initially tried bind-mounting, but suddenly
a random user from the outside can fiddle with your ccache. That is not a
good thing.
I don't think that's too much of a problem if the way ccache works
15 matches
Mail list logo
