On Mon, 2006-06-26 at 15:02 -0500, [EMAIL PROTECTED] wrote: > For security implications, there is a push to make mock 'safe to run by > semi- or non-trusted users'. The chroot option is not ever going to be > safe, from what I can tell, so we might have to make a two-level scheme, > or a privleged config option for enabling/disabling this.
I'm not sure how that will effect us (Red Hat). The user that calls our mock is always trusted I suppose, in our locked down build environment. > The 'mach' project has much greater ambitions on this front, and might > be a better choice for you. I'm not sure if 'mach' was reviewed for use, or if we just went straight to mock, since plague did. -- Jesse Keating RHCE (geek.j2solutions.net) Fedora Legacy Team (www.fedoralegacy.org) GPG Public Key (geek.j2solutions.net/jkeating.j2solutions.pub)
signature.asc
Description: This is a digitally signed message part
-- Fedora-buildsys-list mailing list Fedora-buildsys-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
