[Distutils] New packagers

M.-A. Lemburg mal@lemburg.com
Wed Mar 6 06:18:10 2002


Michael Hudson wrote:
> 
> "Thomas Heller" <thomas.heller@ion-tof.com> writes:
> 
> > > It would also be nice if we had a distutils compile farm
> > > somewhere; oh well, this will probably stay a dream.
> > >
> >
> > I've also thought about this: submit packages (per email, maybe) to
> > a server somewhere, and the server runs 'setup.py bdist
> > --formats=whatever', and mails the result back. My question is: Can
> > this really be made safe?
> 
> Seems very unlikely.

It would at least require a lot of thinking about the security
model used in the process. Setting up a chroot sandbox-like
environment is well possible on Unix, but may not be on many
other platforms (such as Windows, MacOS, ...).

However, it would still be possible to do lots of harmful
stuff along the way, e.g. send out spam from the box,
implement DDoS attacks, use known exploits on the machine to
work around the chroot, etc.

Also, debugging would be a pain using an asynchronous
approach like email compilation.

-- 
Marc-Andre Lemburg
CEO eGenix.com Software GmbH
______________________________________________________________________
Company & Consulting:                           http://www.egenix.com/
Python Software:                   http://www.egenix.com/files/python/
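An added example, not part of the original message or of distutils: a minimal Linux build-farm runner that executes a submitted `setup.py` under CPU, file-size and wall-clock limits with a scrubbed environment. The function name, limit values and sample scripts are assumptions constructed for illustration; the runner bounds resource use only and does nothing about the network or local-exploit risks raised in the message.

```python
import os
import resource
import signal
import subprocess
import sys
import tempfile

# Constructed stand-ins for submitted setup.py files (not real packages).
BENIGN = 'print("built")\n'
CPU_HOG = 'while True:\n    pass\n'
DISK_HOG = 'open("out.bin", "wb").write(b"x" * (4 << 20))\n'

def _limits(cpu_s, max_file_bytes):
    def apply():  # runs in the child between fork() and exec()
        # Soft < hard, so Linux delivers SIGXCPU before the hard-limit SIGKILL.
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_s, cpu_s + 1))
        resource.setrlimit(resource.RLIMIT_FSIZE, (max_file_bytes, max_file_bytes))
        resource.setrlimit(resource.RLIMIT_CORE, (0, 0))
    return apply

def run_untrusted_build(setup_source, args=("bdist",), cpu_s=1,
                        max_file_bytes=1 << 20, wall_s=10):
    """Run setup.py in a scratch directory; return (status, returncode).

    Not covered here: filesystem confinement (chroot) and network access.
    """
    with tempfile.TemporaryDirectory() as workdir:
        with open(os.path.join(workdir, "setup.py"), "w") as fh:
            fh.write(setup_source)
        proc = subprocess.Popen(
            [sys.executable, "-I", "setup.py", *args],
            cwd=workdir,
            env={"PATH": "/usr/bin:/bin"},  # do not leak the farm's environment
            stdin=subprocess.DEVNULL, stdout=subprocess.DEVNULL,
            stderr=subprocess.DEVNULL,
            start_new_session=True,         # own process group for killpg()
            preexec_fn=_limits(cpu_s, max_file_bytes),
        )
        try:
            rc = proc.wait(timeout=wall_s)
        except subprocess.TimeoutExpired:
            os.killpg(proc.pid, signal.SIGKILL)
            proc.wait()
            return "wall-timeout", proc.returncode
    if rc == -signal.SIGXCPU:
        return "cpu-limit", rc
    return ("ok" if rc == 0 else "failed"), rc

if __name__ == "__main__":
    for name, src in [("benign", BENIGN), ("cpu", CPU_HOG), ("disk", DISK_HOG)]:
        print(name, run_untrusted_build(src))
```

The disk case reports `failed` rather than a signal because the Python interpreter ignores SIGXFSZ and sees the limit as an `OSError` on write.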