On Sat, Aug 2, 2008 at 8:24 PM, Dan Kegel dank@kegel.com wrote:
Ambroz wrote:
To me, a script that builds just every patch is a serious security flaw; I suppose it wouldn't be very hard for someone to send a naughty patch that would take control of your machine.
True.
I suggest you make it build patches in a chroot as a regular user, and copy over the chroot from a template every time a new patch is being built.
Sounds great. Want to implement that and send it my way? It'll take me a while to get the kinks worked out of the script, it'd be nice to have a hand with the chroot.
- Dan
Its really ironic that you post this today as just yesterday I was contemplating the same thing, and not only doing a compile check but also a run of the test suite and valgrind. Other than that I wanted to put in a +1 for sending an email to the author and to a status website.