On Saturday 20 June 2009 21:00:46 Ciaran McCreesh wrote:
> On Sat, 20 Jun 2009 20:40:17 +0200
>
> Patrick Lauer <patr...@gentoo.org> wrote:
> > > Have you thought about the security implications of this?
> >
> > Yes.
> >
> > > How much do you trust the people running the overlays listed in
> > > layman?
> >
> > VirtualBox.
>
> And how do you use VirtualBox to prevent one malicious person from
> running arbitrary code on the system of anyone using any layman overlay?

Ah. I thought you were referring to the issues involved in sourcing ebuilds. 

But as you shift the discussion now ... well ... right now we allow almost 
everyone to add an overlay to the layman config. So we trust overlay 
maintainers not to screw users.

The metadata cache is "inert" in the sense that it isn't executable code (and 
if anyone tries to execute it ... "You're doing it wrong" comes to mind), so 
adding it does not pessimize the situation.

So how do we guarantee that overlay maintainers (many of whom aren't even devs and 
thus might not be subjectively held to the same standards) don't screw users?

Hmm. I can't think of any sane way to prevent people from writing bad ebuilds. 
And I also can't think of a reliable method to detect such or prevent users 
from trying to use them. In short, we just have to trust people.
As a side note, we just randomly trust devs too. And it usually works ...
