cvs commit: ports/databases/pg_filedump Makefile
Colin Percival
cperciva at freebsd.org
Wed May 23 14:35:08 UTC 2012
On 05/23/12 07:06, Baptiste Daroussin wrote:
> Should network access be restricted at any moment during the package
> building, on automated build environment, if yes what phases are to be
> expected to be restricted?
Wearing my Security Officer Emeritus hat: How about all of them? For automated
package building I'd like to see distfiles fetched onto a dedicated distfile
mirroring system and package builders fetching bits from there.
One system to provide source distfiles, one system to accept built packages, and
one system to control them all and in the cluster... *cough* never mind.
--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid
More information about the cvs-all
mailing list