Hi, Jeremy,

Jeremy Drake wrote:

>>> Another possibility would be to test these patches in some kind of virtual
>>> machine that gets blown away every X days, so that even if someone did get
>>> something malicious in there it wouldn't last long.
> Or just have a snapshot which is reverted after each run, and read-only
> access to files used to do the build.  I know vmware supports this,
> probably others too...

A chroot / fakeroot combined with unionfs should do the same, probably
with less effort. There are other user-mode jail projects that also
block networking.


Markus Schaber | Logical Tracking&Tracing International AG
Dipl. Inf.     | Software Development GIS

Fight against software patents in Europe! www.ffii.org

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to