Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Gentoo User (http://www.linux-archive.org/gentoo-user/)
-   -   Sandbox vs userpriv (http://www.linux-archive.org/gentoo-user/693452-sandbox-vs-userpriv.html)

Hinnerk van Bruinehsen 08-13-2012 09:21 AM

Sandbox vs userpriv
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 13.08.2012 10:50, Nilesh Govindrajan wrote:
> On Aug 13, 2012 2:19 PM, "Nilesh Govindrajan"
> <contact@nileshgr.com> wrote:
>>
>> What's the disadvantage of compiling in sandbox instead of
>> compiling
> directly with userpriv?
>
> *advantage
>

I think the advantage is that you can compile as root with some kind
of protection. ;)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJQKMcgAAoJEJwwOFaNFkYco+8H/RpzlTRsA2pcBobv/L81B0J3
UQN8pDOwjaafm0rrjOFFrYG3XPDRML9dv0STULCqcpbtLFjdbm WmbLzn0DCDopbG
mu2yd+ZCac36KKtGJfBLJjKiJz3NwuAMkfpGcUqFK0EaeHkmYL YVi7yWEL9C9j+H
IATc2BJ4HFDgK5VJEYwFK+AlPwqr/Rkepsy38wId8hjKeQCCpsJ/C32we162aiuH
dP2OyfPrrXf0Jkb+9gTuXOlhPCgIlE7eDUfD/S77ysdGG2j6JzDzyPlk2BNz2P+S
5OQTqx2a/FvEU+JtyOEoSM1Ng4fvODfq+26G+T7Mn1mPvND6Eb0U4d+KjHJ VuME=
=vAHc
-----END PGP SIGNATURE-----

Dale 08-13-2012 09:41 AM

Sandbox vs userpriv
 
Nilesh Govindrajan wrote:




On Aug 13, 2012 2:19 PM, "Nilesh Govindrajan" <contact@nileshgr.com>
wrote:

>

> What's the disadvantage of compiling in sandbox instead of
compiling directly with userpriv?


*advantage








I found this:



http://devmanual.gentoo.org/general-concepts/sandbox/



That help any?*



Dale



:-)* :-)*

--
I am only responsible for what I said ... Not for what you understood or how you interpreted my words!

Michael Mol 08-13-2012 12:07 PM

Sandbox vs userpriv
 
On Mon, Aug 13, 2012 at 4:50 AM, Nilesh Govindrajan <contact@nileshgr.com> wrote:


On Aug 13, 2012 2:19 PM, "Nilesh Govindrajan" <contact@nileshgr.com> wrote:

>

> What's the disadvantage of compiling in sandbox instead of compiling directly with userpriv?


*advantage




If you do things like parallel builds (-j applied to emerge, not just make), a sandbox can help keep the build environment consistent throughout a build. (And if that's not a feature that's currently in sandbox, it's one where an extension of which is being discussed in -dev right now, and being worked on by a few people.)

The other thing sandbox gives you is some protection from badly-written build systems, such as ones which go out and modify files outside of explicitly-allowed paths and the like, or try installing files before 'make install'...that kind of thing.

--
:wq

Nilesh Govindrajan 08-13-2012 01:18 PM

Sandbox vs userpriv
 
On Mon 13 Aug 2012 05:37:27 PM IST, Michael Mol wrote:

On Mon, Aug 13, 2012 at 4:50 AM, Nilesh Govindrajan
<contact@nileshgr.com <mailto:contact@nileshgr.com>> wrote:

On Aug 13, 2012 2:19 PM, "Nilesh Govindrajan"
<contact@nileshgr.com <mailto:contact@nileshgr.com>> wrote:
>
> What's the disadvantage of compiling in sandbox instead of
compiling directly with userpriv?

*advantage


If you do things like parallel builds (-j applied to emerge, not just
make), a sandbox can help keep the build environment consistent
throughout a build. (And if that's not a feature that's currently in
sandbox, it's one where an extension of which is being discussed in
-dev right now, and being worked on by a few people.)

The other thing sandbox gives you is some protection from
badly-written build systems, such as ones which go out and modify
files outside of explicitly-allowed paths and the like, or try
installing files before 'make install'...that kind of thing.

--
:wq


I see. Actually I came up with this question because dev-lang/php was
emitting some errors when I was building with sandbox enabled (I never
disabled it actually). I guess I'll enable it again and disable when
some ebuilds trouble.


--
Nilesh Govindrajan
http://nileshgr.com


All times are GMT. The time now is 02:08 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.