
On Wed, 2011-09-28 at 22:26 +0100, Max Bolingbroke wrote:
> Hi Hackagers,
>
> I've written a rough-and-ready documentation building service for the Hackage 2.0 effort. It is functional enough to submit build reports and build documentation for a few example packages on my local Hackage instance.
>
> Duncan: please review+commit! I also had to make some small changes to cabal-install that should go into the Cabal repo.

Cool, thanks. That was quick! I only just got back from Tokyo. Also got your note about the patch to avoid applying.

> Comments/suggestions welcome. There is one major known flaw in that the invocation of "cabal install" performed by the builder is not sandboxed. So arbitrary user code runs with the same privileges as the documentation builder itself. I guess the best solution to this is a chroot (to restrict the writeable part of the file system)+timeout?

Yeah, I think this is probably best solved by sys admin stuff rather than trying to build anything sophisticated into the client itself. Someone setting this up on a system would want to use some kind of sandbox, either a vm, a chroot, SELinux policy or whatever else their system provides. We should probably just provide a big fat warning and pointers to documentation on various sandbox/container technologies.

Duncan
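An added illustration, not part of the original thread or of the Hackage builder: the timeout half of the suggestion above as a shell wrapper an operator could put around the build command. The function name `run_confined` and the limit values are assumptions; the wrapper does not restrict file-system writes, so it belongs inside the chroot, VM or SELinux policy discussed above.

```shell
#!/bin/sh
# Added example; run_confined and all limit values are hypothetical.
#
# run_confined SECONDS CMD [ARGS...]
#   Runs CMD with a wall-clock limit, per-process resource limits, a scrubbed
#   environment and a throwaway HOME / working directory.
#   Returns CMD's exit status, 124 if the wall-clock limit was hit,
#   or 125 if the confinement itself could not be set up.
run_confined() {
    limit=$1
    shift
    scratch=$(mktemp -d) || return 125
    rc=0
    (
        cd "$scratch" || exit 125
        ulimit -c 0       || exit 125   # no core dumps
        ulimit -t 600     || exit 125   # CPU seconds per process
        ulimit -f 1048576 || exit 125   # max file size in blocks
                                        # (512 B or 1 KiB, depending on the shell)
        # env -i drops every inherited variable (tokens, proxy settings, the
        # operator's real HOME); only PATH and the scratch locations are passed.
        # timeout sends TERM at the limit and KILL 5 seconds later.
        exec env -i PATH="$PATH" HOME="$scratch" TMPDIR="$scratch" \
            timeout -k 5 "$limit" "$@"
    ) || rc=$?
    rm -rf "$scratch"
    return "$rc"
}

# Typical use by an operator (package name is a placeholder):
#   run_confined 1800 cabal install some-package
```

Because HOME points at the scratch directory, anything the build writes under it is discarded afterwards; output that must be kept has to be copied out before the function returns, or written to a path the surrounding sandbox allows.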