Is it really such a hard work to parse PKGBUILD and simulate a bash behaviour only on variables preceding the build() function ? The parser needs to be able to : - affect and replace variables - support arrays - support the simple ${x//find/replace} syntax - what else ? If this can be tedious with PHP, is it that difficult to realize in python ? Cilyan 2008/6/10 Loui <louipc.ist@gmail.com>:
On Tue, 10 Jun 2008 15:16:29 +0800 "Callan Barrett" <wizzomafizzo@gmail.com> wrote:
Note to self: restricted mode is apparently not as restricted as it sounds, need to look into that and probably how namcap deals with it.
Possibly a chroot?
Also I'm assuming everyone is fine and dandy with this behavior so when it's not terribly insecure anymore I'll apply this.
Yeah I'm concerned about how secure it is to actually source the PKGBUILD in bash. I don't know if AUR really needs to cover every exotic PKGBUILD out there. Having to set up a chroot seems like a bit much. It would be nice to have all variables resolved though, and bash could make it a lot simpler.