diff options
| author | Boris Kolpackov <boris@codesynthesis.com> | 2016-09-27 06:26:22 +0200 |
|---|---|---|
| committer | Boris Kolpackov <boris@codesynthesis.com> | 2016-09-27 06:26:22 +0200 |
| commit | 0c8c510530d739117d9cfc5cf706e001ae62c0c7 (patch) | |
| tree | 30f1327e08195a81d06120577fe58acebf266864 /bbot/security | |
| parent | cbfe0e5805746f5556e911e5e632ab63a5ae4efc (diff) | |
Update idea: bbot security considerations
Diffstat (limited to 'bbot/security')
| -rw-r--r-- | bbot/security | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/bbot/security b/bbot/security index 47b7c85..8b70ff6 100644 --- a/bbot/security +++ b/bbot/security @@ -12,3 +12,11 @@ Will also probably have to limit the VM's execution time. We could try to run VM on a ramdisk to minimize SSD wear. Or use ZFS (COW). + +* We could reboot the VM in "no network" mode; i.e., first fetch all the + packages, reboot, then build. + +* We could fetch all the packages (on host) and only then start the VM. The + problem will be conditional dependencies. Ideally we would want to cache + all of them (including conditional) and then make bpkg in the VM use the + cache. |