Bug#430765: [Pbuilder-maint] Bug#430765: please add ccache support
Mike Hommey
mh at glandium.org
Sun Jan 3 08:21:08 UTC 2010
On Sun, Jan 03, 2010 at 11:36:46AM +0900, Junichi Uekawa wrote:
> Hi,
>
> At Sat, 2 Jan 2010 17:39:17 +0100,
> Mike Hommey wrote:
> >
> > On Sat, Jan 02, 2010 at 05:36:47PM +0100, Mike Hommey wrote:
> > > On Sat, Jan 02, 2010 at 05:28:23PM +0100, Loïc Minier wrote:
> > > > On Sat, Jan 02, 2010, Mike Hommey wrote:
> > > > > Shouldn't pbuilder try to use the original user uid ? I, for one, set
> > > > > BUILDUSERID to my own uid...
> > > >
> > > > Oh that would work too; I think I would prefer pbuilder using a
> > > > separate user id since the build might do evil things e.g. killall.
> > >
> > > unshare(CLONE_NEWPID) ?
> >
> > That only works with clone(), not unshare, but you get the idea.
>
> There's two different scenarios
>
> 1. I want to protect myself from malicious code (set it to some random
> user id). CLONE_NEWPID might be a better idea in this case.
>
> 2. I want to use the same user id inside the chroot too because I
> trust the code (e.g. pdebuild). This shouldn't be CLONE_NEWPID,
> because pdebuild-internal would require access to /home with the
> original PID.
Why is that ? Also note that for "external" processes, the pid is the
original one.
Mike
More information about the Pbuilder-maint
mailing list