On Tue, Jan 31, 2012 at 03:50:37PM +0000, James Tunnicliffe wrote: > Hi, > > https://wiki.linaro.org/Platform/Android/LinaroAndroidBuildService has > been updated with these instructions about a new build option: > > EXTERNAL_TARBALL > > Use to request that the build system fetch an archive from the > location that you set EXTERNAL_TARBALL to and unpack it into > build/external_tarballs (build is the build root directory. This exact > path can be written as > $BUILD_SCRIPT_ROOT/../../build/external_tarballs). Multiple archives > can be requested, separated by ";", e.g. > EXTERNAL_TARBALL="http://foo.com/ball1.tar.gz;http://foo.com/ball2.tar.bz2";
Nice work. I just wonder if there is a potential attack vector here -- is the build configuration writeable by any users invoked during the build or setup process? -- Christian Robottom Reis, Engineering VP Brazil (GMT-3) | [+55] 16 9112 6430 | [+1] 612 216 4935 Linaro.org: Open Source Software for ARM SoCs _______________________________________________ linaro-dev mailing list linaro-dev@lists.linaro.org http://lists.linaro.org/mailman/listinfo/linaro-dev
