Re: [gentoo-user] Re: Sandbox vs userpriv
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 13.08.2012 10:50, Nilesh Govindrajan wrote: On Aug 13, 2012 2:19 PM, Nilesh Govindrajan cont...@nileshgr.com wrote: What's the disadvantage of compiling in sandbox instead of compiling directly with userpriv? *advantage I think the advantage is that you can compile as root with some kind of protection. ;) -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJQKMcgAAoJEJwwOFaNFkYco+8H/RpzlTRsA2pcBobv/L81B0J3 UQN8pDOwjaafm0rrjOFFrYG3XPDRML9dv0STULCqcpbtLFjdbmWmbLzn0DCDopbG mu2yd+ZCac36KKtGJfBLJjKiJz3NwuAMkfpGcUqFK0EaeHkmYLYVi7yWEL9C9j+H IATc2BJ4HFDgK5VJEYwFK+AlPwqr/Rkepsy38wId8hjKeQCCpsJ/C32we162aiuH dP2OyfPrrXf0Jkb+9gTuXOlhPCgIlE7eDUfD/S77ysdGG2j6JzDzyPlk2BNz2P+S 5OQTqx2a/FvEU+JtyOEoSM1Ng4fvODfq+26G+T7Mn1mPvND6Eb0U4d+KjHJVuME= =vAHc -END PGP SIGNATURE-
Re: [gentoo-user] Re: Sandbox vs userpriv
Nilesh Govindrajan wrote: On Aug 13, 2012 2:19 PM, Nilesh Govindrajan cont...@nileshgr.com mailto:cont...@nileshgr.com wrote: What's the disadvantage of compiling in sandbox instead of compiling directly with userpriv? *advantage I found this: http://devmanual.gentoo.org/general-concepts/sandbox/ That help any? Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Re: Sandbox vs userpriv
On Mon, Aug 13, 2012 at 4:50 AM, Nilesh Govindrajan cont...@nileshgr.comwrote: On Aug 13, 2012 2:19 PM, Nilesh Govindrajan cont...@nileshgr.com wrote: What's the disadvantage of compiling in sandbox instead of compiling directly with userpriv? *advantage If you do things like parallel builds (-j applied to emerge, not just make), a sandbox can help keep the build environment consistent throughout a build. (And if that's not a feature that's currently in sandbox, it's one where an extension of which is being discussed in -dev right now, and being worked on by a few people.) The other thing sandbox gives you is some protection from badly-written build systems, such as ones which go out and modify files outside of explicitly-allowed paths and the like, or try installing files before 'make install'...that kind of thing. -- :wq
Re: [gentoo-user] Re: Sandbox vs userpriv
On Mon 13 Aug 2012 05:37:27 PM IST, Michael Mol wrote: On Mon, Aug 13, 2012 at 4:50 AM, Nilesh Govindrajan cont...@nileshgr.com mailto:cont...@nileshgr.com wrote: On Aug 13, 2012 2:19 PM, Nilesh Govindrajan cont...@nileshgr.com mailto:cont...@nileshgr.com wrote: What's the disadvantage of compiling in sandbox instead of compiling directly with userpriv? *advantage If you do things like parallel builds (-j applied to emerge, not just make), a sandbox can help keep the build environment consistent throughout a build. (And if that's not a feature that's currently in sandbox, it's one where an extension of which is being discussed in -dev right now, and being worked on by a few people.) The other thing sandbox gives you is some protection from badly-written build systems, such as ones which go out and modify files outside of explicitly-allowed paths and the like, or try installing files before 'make install'...that kind of thing. -- :wq I see. Actually I came up with this question because dev-lang/php was emitting some errors when I was building with sandbox enabled (I never disabled it actually). I guess I'll enable it again and disable when some ebuilds trouble. -- Nilesh Govindrajan http://nileshgr.com
