Dne 16.9.2016 v 17:00 Pavel Raiskup napsal(a): > Hi all, > > this is probably proper place for such discussions -- I am curious what is the > plan with Docker stuff within Copr project. > > Do you plan to make Fedora's copr hardly dependant on Docker images?
You mean the commit 25c7d91bfdc895bb0d63f3b06fa1399b507fff14 ? Previous week we worked on Mock security issue. This is fixed now. However it raised the question: is it smart to run mock-scm, pyp2rpm, gem2spec... directly on copr-dist-git machine? It is run under non-privileged user, but still... I can think about some attack vectors. For obvious reasons I will not disclose them publicly. So we wanted to build SRPM in environment, which will be discarded after SRPM build and hard to escape. There are several ways how to implement it. But we chosen builds in Docker container. It will be used just for SRPM build. Nothing more. Is it problem for you? -- Miroslav Suchy, RHCA Red Hat, Senior Software Engineer, #brno, #devexp, #fedora-buildsys _______________________________________________ copr-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
