Am Freitag, 20. Oktober 2006 14:56 schrieb Benoit Chesneau: > You can launch script in a chroot environnement. So most of security > problems could be solved. I was thinking this days to build > automatically a binary aur repository with this system. What do you > think about it ?
Some people at irc said that (and you`ll find similar on the net) chroot is not a secure way to run untrusted code. As far as I find out linux-vserver would be a secure solution. It`s similar to BSD`s jails and has complete process isolation. But I do not think that this is as easy to setup as a chroot-environment. Most packages of AUR which are not in community yet are not meant to be built automatically. So I do not think you should do this. But a central db of package-meta-data would be really nice. One could make funny calculations on this: reverse dependencies, conflicting packages etc. -- http://www.archlinux.de _______________________________________________ arch mailing list [email protected] http://www.archlinux.org/mailman/listinfo/arch
