Building in chroot [Was: Re: Latest ruby 1.8.5_1]
[Cc'ing mp-dev, removing mp-users]

Hi Paul, Jordan,

Paul Guyot wrote:
On 7 Nov 06 at 07:42, Jordan K. Hubbard wrote:
On Nov 6, 2006, at 2:02 PM, Paul Guyot wrote:
I don't know how to turn it into a variant in such a way that without this variant, ruby doesn't touch tk & tcl if they're available.
Well, maybe if the trace code returned ENOENT on any attempt to satisfy non-explicit dependencies, you could use it to create a virtual chroot and then turn that virtual chroot mode on by default. Oh wait, we already went over all that in the message you cited. :-) :-)
Heh. You love to be right, don't you?
I gave more thought to the way MacPorts works recently and I believe trace mode needs to be on by default. Then the problem is that it generates warnings where we want errors to make sure that portfiles are correct. In such a case, we want the minimum dependency set. For example, many ports will use MP install or autoconf where the system one would be perfectly fine. So yes, I changed my mind and I think we should have a chroot-like environment like you suggested -- it has some holes as ports could disable the dyld injection, but I guess it's fine for what we're doing, it's not a security concern, and it's much cheaper than a real chroot with union mounts, and it provides information about forbidden accesses.

I know you probably looked at it before, but here's a description of buildlink, which is PKGSRC's way of doing this: http://www.netbsd.org/Documentation/pkgsrc/buildlink.html
Basically it is a way of implementing a portable chroot. It *has* some drawbacks too, and besides we don't need that much portability since we changed name, so we might prefer the real chroot way.
The problem is I don't have enough time to implement all this now. I toyed with ruby ports because of a work project of mine that is based on ruby. I'll try to do the 1.3.3 release as asked by James, but I think this will be all for 2006.
Paul
--
Ultra-plenipotentiary minister on leave. Mobile. Without a fixed bathtub.
http://www.kallisys.com/ http://www-poleia.lip6.fr/~guyot/
-- Pierre
Participants (1): Pierre Queinnec