From 371f6b4cf661074d928c93ef9656daa6d557fb2c Mon Sep 17 00:00:00 2001 From: Boris Kolpackov Date: Sat, 24 Sep 2016 21:48:26 +0200 Subject: Add idea: bbot security considerations --- bbot/security | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 bbot/security (limited to 'bbot') diff --git a/bbot/security b/bbot/security new file mode 100644 index 0000000..47b7c85 --- /dev/null +++ b/bbot/security @@ -0,0 +1,14 @@ +- bbot security considerations [idea] + +* Probably the only way to build and more importantly run tests for untrusted + packages is in a throw-away virtual machine. I.e., clone the VM, build a + package (or a group of packages from the same group/vendor), and then throw + it away. + + Immediate questions are how to extract the result and allow downloading of + dependent packages (if the network is locked down). We could probably mount + the image and copy the result out manually; a bit hairy but secure. + + Will also probably have to limit the VM's execution time. + + We could try to run VM on a ramdisk to minimize SSD wear. Or use ZFS (COW). -- cgit v1.1
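Review bot: In the second paragraph, "mount the image and copy the result out manually; a bit hairy but secure" understates the risk. After the build, the disk image has been written by the untrusted package, so the host that mounts it parses attacker-controlled filesystem data and then handles attacker-controlled files. Suggest the note say that the image is treated as untrusted input, for example mounted read-only with nodev, nosuid and noexec (or mounted from a second throw-away VM), and that only an expected set of result files is copied out. The same paragraph leaves "allow downloading of dependent packages (if the network is locked down)" open; it would help to record whether dependencies are fetched before the clone is started, so that the VM itself needs no network. The execution-time limit in the third paragraph could also state what is reported as the build result when the limit is hit.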