hosted reproducible package building with multiple developers?
Richard W.M. Jones
rjones at redhat.com
Fri Dec 10 18:06:47 UTC 2010
On Fri, Dec 10, 2010 at 03:06:59PM +0000, Daniel P. Berrange wrote:
> The theory is as follows though
>
> 1. clone() with the CLONE_NEWNS set
[...]
> There are various other CLONE flags that lock down more
> things if desired, eg to hide all host network interfaces.
I don't think CLONE_* can stop them creating a /dev/hda-equivalent
device node and then editing files on your real hard disk.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming blog: http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)
http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora
More information about the devel
mailing list