From owner-freebsd-stable@FreeBSD.ORG Mon May 22 19:57:50 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4535716AF17 for ; Mon, 22 May 2006 19:57:50 +0000 (UTC) (envelope-from jhs@flat.berklix.net) Received: from thin.berklix.org (thin.berklix.org [194.246.123.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7F7E443D5A for ; Mon, 22 May 2006 19:57:49 +0000 (GMT) (envelope-from jhs@flat.berklix.net) Received: from js.berklix.net (p549A75BF.dip.t-dialin.net [84.154.117.191]) (authenticated bits=128) by thin.berklix.org (8.12.11/8.12.11) with ESMTP id k4MJvker087629 for ; Mon, 22 May 2006 21:57:47 +0200 (CEST) (envelope-from jhs@flat.berklix.net) Received: from fire.jhs.private (fire.jhs.private [192.168.91.41]) by js.berklix.net (8.12.11/8.12.11) with ESMTP id k4MJviGI045751 for ; Mon, 22 May 2006 21:57:45 +0200 (CEST) (envelope-from jhs@flat.berklix.net) Received: from fire.jhs.private (localhost.jhs.private [127.0.0.1]) by fire.jhs.private (8.13.1/8.13.1) with ESMTP id k4MK0Ef9005932 for ; Mon, 22 May 2006 22:00:14 +0200 (CEST) (envelope-from jhs@fire.jhs.private) Message-Id: <200605222000.k4MK0Ef9005932@fire.jhs.private> To: FreeBSD Stable In-Reply-To: Message from Ion-Mihai "IOnut" Tetcu of "Mon, 22 May 2006 13:48:37 +0300." <20060522134837.0b88d705@it.buh.tecnik93.com> Date: Mon, 22 May 2006 22:00:14 +0200 From: "Julian H. Stacey" Subject: Re: FreeBSD Security Survey X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 May 2006 19:57:57 -0000 > And it's not only HR lack problem, we would need more hardware for the > package building cluster too. A lot of us run 24/7 netted servers with spare cycles, & wouldn't be averse to allocating the idle loop to package building for freebsd.org, but 3 problems: - package building at prsent gets done on that trusted cluster, - needs root for lots of buils, which many of us dont want to give out (sandboxes / chroot maybe ? ) - freebsd.org would need to know none of our client servers had `slipped it a mickey', which would best be protected against by anonymisining I guess, so we didnt even know what we were compiling. - It'd need some mechanised automation, like SETI A nice project for some Summer Of Code student this summer ? -- Julian Stacey. Consultant Unix Net & Sys. Eng., Munich. http://berklix.com Mail in Ascii, HTML=spam. Ihr Rauch = mein allergischer Kopfschmerz.