On Thu, May 15, 2014 at 12:01 PM, Mike Gilbert <flop...@gentoo.org> wrote:
> On Thu, May 15, 2014 at 2:48 PM, Ciaran McCreesh
> <ciaran.mccre...@googlemail.com> wrote:
> > On Thu, 15 May 2014 14:44:58 -0400
> > Mike Gilbert <flop...@gentoo.org> wrote:
> >> On Thu, May 15, 2014 at 1:17 PM, Ciaran McCreesh
> >> <ciaran.mccre...@googlemail.com> wrote:
> >> > On Thu, 15 May 2014 17:15:32 +0000
> >> > hasufell <hasuf...@gentoo.org> wrote:
> >> >> Ciaran McCreesh:
> >> >> > Sandboxing isn't about security.
> >> >> >
> >> >>
> >> >> Sure it is.
> >> >
> >> > Then where do the bug reports for all the "security violations"
> >> > possible with sandbox go?
> >> >
> >>
> >> There is a big difference between the sandbox utility
> >> (sys-apps/sandbox) and the network-sandbox/ipc-sandbox features. The
> >> former uses an LD_PRELOAD hack to intercept libc functions, and does
> >> not provide any security benefit. The latter options create separate
> >> namespaces in the kernel, which is probably a lot more secure.
> >
> > "Secure" against what? Malicious ebuilds? Malicious packages?
> >
>
> Secure against unauthorized network access during phases where
> network-sandbox is effective. I am aware that this is a very small
> benefit given that the ebuild or build system can do lots of things
> locally without network access, or install some file that accesses the
> network later.
>
> ipc-sandbox probably has some similar security benefit, but I don't
> understand it as well.
>
>
I think we are way off topic here folks ;)

-A
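Added example, not part of the original message and not Portage's code: a small Linux C program showing the kernel mechanism the thread attributes to network-sandbox, a separate network namespace, in which a child process has no route to any outside address. The helper name netns_blocks_egress is hypothetical, and the example assumes the kernel permits unprivileged user namespaces.

```c
#include <arpa/inet.h>
#include <linux/sched.h>   /* CLONE_NEWUSER, CLONE_NEWNET */
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper (added example). Returns 1 if a child placed in a
 * fresh network namespace cannot reach an outside address, 0 if it still
 * can, -1 if the kernel or container policy refuses the namespace. */
int netns_blocks_egress(void)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* A new user namespace lets an unprivileged process own a new
         * network namespace. The raw syscall avoids needing _GNU_SOURCE. */
        if (syscall(SYS_unshare, CLONE_NEWUSER | CLONE_NEWNET) != 0)
            _exit(2);
        int fd = socket(AF_INET, SOCK_DGRAM, 0);
        if (fd < 0)
            _exit(2);
        struct sockaddr_in dst;
        memset(&dst, 0, sizeof dst);
        dst.sin_family = AF_INET;
        dst.sin_port = htons(9);
        /* 192.0.2.1 is in TEST-NET-1, the documentation range. connect()
         * on a UDP socket only does a route lookup and sends nothing. */
        inet_pton(AF_INET, "192.0.2.1", &dst.sin_addr);
        /* The new namespace has only a down loopback and no routes, so
         * the kernel is expected to fail the lookup with ENETUNREACH. */
        int rc = connect(fd, (struct sockaddr *)&dst, sizeof dst);
        _exit(rc != 0 ? 0 : 1);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    if (WEXITSTATUS(status) == 2)
        return -1;
    return WEXITSTATUS(status) == 0 ? 1 : 0;
}

int main(void)
{
    int r = netns_blocks_egress();
    printf("%s\n", r == 1 ? "egress blocked by network namespace"
                 : r == 0 ? "egress still possible"
                          : "could not create namespace");
    return r == 0;
}
```

The isolation is enforced in the kernel for every process in the namespace, regardless of how it issues system calls, which is the contrast the quoted message draws with intercepting libc functions through LD_PRELOAD.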