Bug#430765: [Pbuilder-maint] Bug#430765: please add ccache support
Junichi Uekawa
dancer at netfort.gr.jp
Sun Jan 3 02:36:46 UTC 2010
Hi,
At Sat, 2 Jan 2010 17:39:17 +0100,
Mike Hommey wrote:
>
> On Sat, Jan 02, 2010 at 05:36:47PM +0100, Mike Hommey wrote:
> > On Sat, Jan 02, 2010 at 05:28:23PM +0100, Loïc Minier wrote:
> > > On Sat, Jan 02, 2010, Mike Hommey wrote:
> > > > Shouldn't pbuilder try to use the original user uid ? I, for one, set
> > > > BUILDUSERID to my own uid...
> > >
> > > Oh that would work too; I think I would prefer pbuilder using a
> > > separate user id since the build might do evil things e.g. killall.
> >
> > unshare(CLONE_NEWPID) ?
>
> That only works with clone(), not unshare, but you get the idea.
There's two different scenarios
1. I want to protect myself from malicious code (set it to some random
user id). CLONE_NEWPID might be a better idea in this case.
2. I want to use the same user id inside the chroot too because I
trust the code (e.g. pdebuild). This shouldn't be CLONE_NEWPID,
because pdebuild-internal would require access to /home with the
original PID.
So, using CLONE_NEWPID would have to be an optional thing.
More information about the Pbuilder-maint
mailing list