Subject: Re: [gentoo-dev] Reviving the Sandbox project
To: gentoo-dev@lists.gentoo.org
References: <1506023769.15165.14.camel@gentoo.org>
From: Michael Orlitzky
Date: Fri, 22 Sep 2017 18:01:48 -0400
List-Id: Gentoo Linux mail

On 09/22/2017 05:51 PM, R0b0t1 wrote:
> On Thu, Sep 21, 2017 at 2:56 PM, Michał Górny wrote:
>> [1]:https://wiki.gentoo.org/wiki/Project:Sandbox
>>
>
> I think I understand, in principle, why a sandbox could be useful, but
> would it not be more productive to follow up with projects which do
> unexpected things to ask that they not do those things?
>

The sandbox isn't a security feature, it's more of a QA tool. How do you
*know* when the upstream project does something wrong?

See, for example, https://bugs.gentoo.org/599706

The sandbox doesn't catch something, and the upstream project dropped
DESTDIR from its build system. The result? /usr/bin is now owned by the
"nagios" user.

Of course the upstream build system shouldn't be making /usr/bin owned by
nagios, but it would take you a good long time to notice it without the
sandbox.
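The failure mode in the reply above (an install step that stops honouring DESTDIR and changes ownership of a live system directory) is exactly what a DESTDIR-confinement check is meant to surface. The script below is an added example and is not code from this thread or from Gentoo's sandbox project: it stands in for the sandbox with PATH shims for install(1) and chown(1) that log their destination, runs two constructed install steps (one that honours DESTDIR, one with DESTDIR dropped) against a constructed fake root, and reports every destination that lands outside the staging directory. The shim names, the two install scripts, the `fakeroot` prefix and the `nagios` user name are all assumptions made up for the demonstration; the real sandbox intercepts libc and system calls rather than shimming binaries, and nothing here writes to a real system path or needs root.

```shell
#!/bin/sh
# Added example, not from the thread or the Gentoo sandbox project.
# A minimal stand-in for a DESTDIR-confinement check: run an install step
# with DESTDIR set, log where install(1)/chown(1) were pointed, and report
# any destination outside the staging directory.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Logging shims (assumption: the install step only uses install and chown).
# Each records its last argument, the destination path, and does nothing else.
mkdir -p "$WORK/shim"
for tool in install chown; do
    cat > "$WORK/shim/$tool" <<'EOF'
#!/bin/sh
for last; do :; done
printf '%s %s\n' "$(basename "$0")" "$last" >> "$SHIM_LOG"
EOF
    chmod +x "$WORK/shim/$tool"
done

# Constructed "good" install step: honours DESTDIR as a packaged build should.
cat > "$WORK/install-good.sh" <<'EOF'
#!/bin/sh
install -d "${DESTDIR}${PREFIX}/bin"
install -m 755 nagios "${DESTDIR}${PREFIX}/bin/nagios"
EOF

# Constructed "bad" install step: DESTDIR dropped, and the system bin
# directory is handed to the service user, the shape of the bug cited above.
cat > "$WORK/install-bad.sh" <<'EOF'
#!/bin/sh
install -d -o nagios "${PREFIX}/bin"
chown nagios "${PREFIX}/bin"
install -m 755 nagios "${PREFIX}/bin/nagios"
EOF

# Run one install step under the shims with DESTDIR=<stage>; print the log path.
# PREFIX points at a constructed fake root so the "bad" step has a realistic
# absolute target without touching the real /usr/bin.
run_staged_install() {
    script=$1; stage=$2
    mkdir -p "$stage"
    log="$stage.log"
    : > "$log"
    PATH="$WORK/shim:$PATH" SHIM_LOG="$log" DESTDIR="$stage" \
        PREFIX="$WORK/fakeroot/usr" sh "$script"
    printf '%s\n' "$log"
}

# Print every logged operation whose destination is not under the stage dir.
find_violations() {
    log=$1; stage=$2
    awk -v stage="$stage" 'index($2, stage) != 1' "$log"
}

# Number of violations; 0 means the step stayed inside DESTDIR.
count_violations() {
    find_violations "$1" "$2" | wc -l | tr -d ' '
}

GOOD_LOG=$(run_staged_install "$WORK/install-good.sh" "$WORK/stage-good")
BAD_LOG=$(run_staged_install "$WORK/install-bad.sh" "$WORK/stage-bad")

echo "good step: $(count_violations "$GOOD_LOG" "$WORK/stage-good") violation(s)"
echo "bad step, operations outside DESTDIR:"
find_violations "$BAD_LOG" "$WORK/stage-bad"
```

The good step produces no findings; the bad step reports all three operations, including the chown of the fake `/usr/bin`, which is the kind of silent ownership change that would otherwise go unnoticed until something else broke.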