Jim Nasby wrote:
That's something I'd be willing to do. And for many people that aren't
committers but are still trusted in the community, we could probably
bypass the checking.
That's a worthwhile point. How many patches come from the general
community vs out of the blue? Patches from regulars could probably get a
free pass, which might cut down the review burden substantially.
Another possibility would be to test these patches in some kind of
virtual machine that gets blown away every X days, so that even if
someone did get something malicious in there it wouldn't last long.
Yeah, nasties could be roughly separated into two categories: stuff
which affects your box, or stuff which uses your box to affect someone
else. A VM fixes the first, and a firewall blocking outgoing connections
(with exceptions for the CVS server and patch buildfarm or whatever it
is server) largely fixes the second.
I was under the impression that most VM products are x86 centric, which
wouldn't lead to huge amounts of diversity in the buildfarm results. At
least, not as far as architecture goes.
Cheers
Tom
---------------------------(end of broadcast)---------------------------
TIP 4: Have you searched our list archives?
http://archives.postgresql.org
