>> Perhaps it makes sense to execute
>>
>> ```
>> strace -f make &> strace.log
>> ```
>>
>> and check the resulting logfile for all file accesses outside of the
>> source and build directory, and whether they are expected.
>
> That's a good idea, if somewhat monstrous in its implications.
> There are going to be a _lot_ of system calls. I'll think I'll
> eyeball an unexpurgated log and then proceed with something like "-e
> execve".
Well, I mean to really check all file accesses, not only the execution
of binaries. It's not too hard to filter them out (both successful
and unsuccessful ones), then applying more filtering to remove
individual memory addresses if necessary, then doing
```
... | sort | uniq
```
and finally inspect the resulting list. It probably also helps if you
choose a non-typical `--prefix` value during configuration while doing
so, just in case.
Werner
