On 09/22/2017 05:51 PM, R0b0t1 wrote:
> On Thu, Sep 21, 2017 at 2:56 PM, Michał Górny <mgo...@gentoo.org> wrote:
>> [1]:https://wiki.gentoo.org/wiki/Project:Sandbox
>>
>
> I think I understand, in principle, why a sandbox could be useful, but
> would it not be more productive to follow up with projects which do
> unexpected things to ask that they not do those things?
>
The sandbox isn't a security feature, it's more of a QA tool. How do you *know* when the upstream project does something wrong?

See, for example, https://bugs.gentoo.org/599706

The sandbox doesn't catch something, and the upstream project dropped DESTDIR from its build system. The result? /usr/bin is now owned by the "nagios" user.

Of course the upstream build system shouldn't be making /usr/bin owned by nagios, but it would take you a good long time to notice it without the sandbox.
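To make the failure mode above concrete, here is an added illustration (not part of the thread, and not Gentoo's sandbox, which hooks libc calls through an LD_PRELOAD library) that models the one rule that matters here: during the install phase a build may only write under DESTDIR, the image directory. A correct install target and one with DESTDIR dropped are run through that check; the DESTDIR-less one attempts to create, populate and chown the live /usr/bin, which is exactly what the check refuses and logs. The function names, the log file name, the sample binary and the `check_foo` file name are assumptions made for this demo.

```shell
# Constructed demo of a DESTDIR write-policy check, in the spirit of the
# Gentoo sandbox. Everything below is illustrative and NOT the sandbox's code.

DESTDIR="${DESTDIR:-$(mktemp -d)}"   # image directory the build may write into
PREFIX=/usr
SB_LOG="$DESTDIR/.sandbox.log"        # assumed name for the violation log

# sb_allowed PATH : true if PATH is DESTDIR itself or lies under it
sb_allowed() {
    case "$1" in
        "$DESTDIR"|"$DESTDIR"/*) return 0 ;;
        *) return 1 ;;
    esac
}

# sb_write PATH : gate a write. Allowed paths return 0; anything else is
# logged as a violation and returns 1 so the caller's "&& cmd" never runs.
# (The real sandbox aborts the whole build on a violation; here we only log.)
sb_write() {
    if sb_allowed "$1"; then
        return 0
    fi
    printf 'ACCESS DENIED: %s\n' "$1" >> "$SB_LOG"
    return 1
}

# Install target that honours DESTDIR, as a packaged build should.
# Every write lands in the image; nothing on the live system is touched.
good_install() {
    bin="$DESTDIR$PREFIX/bin"
    sb_write "$bin"           && mkdir -p "$bin"
    sb_write "$bin/check_foo" && cp "$1" "$bin/check_foo"
    return 0
}

# Install target with DESTDIR dropped, the failure mode from the bug report:
# it tries to create the live /usr/bin, drop a file in it and chown it to
# the "nagios" user. All three writes are denied by sb_write, so neither
# mkdir, cp nor chown ever executes against the real filesystem.
bad_install() {
    bin="$PREFIX/bin"
    sb_write "$bin"           && mkdir -p "$bin"
    sb_write "$bin/check_foo" && cp "$1" "$bin/check_foo"
    sb_write "$bin"           && chown nagios "$bin"
    return 0
}

# violations_for INSTALL_FN : reset the log, run the install target against
# the sample binary, and print how many writes outside DESTDIR it attempted.
violations_for() {
    : > "$SB_LOG"
    "$1" "$SAMPLE_BIN" >/dev/null 2>&1
    wc -l < "$SB_LOG" | tr -d ' '
}

# Constructed stand-in for the program being installed.
SAMPLE_BIN="$(mktemp)"
printf '#!/bin/sh\necho check_foo OK\n' > "$SAMPLE_BIN"

echo "good_install violations: $(violations_for good_install)"
echo "bad_install  violations: $(violations_for bad_install)"
cat "$SB_LOG"
```

Run it as an unprivileged user: the good target produces an empty log and a populated `$DESTDIR/usr/bin`, the bad one produces three `ACCESS DENIED` lines naming /usr/bin and writes nothing there. That log line, appearing the moment upstream drops DESTDIR, is the early warning the post is talking about; without the gate the same build would silently succeed as root and leave /usr/bin owned by nagios.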