Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: note that Homebrew does not have a sandbox on Linux #17318

Merged
merged 3 commits into from
May 16, 2024
Merged

feat: note that Homebrew does not have a sandbox on Linux #17318

merged 3 commits into from
May 16, 2024

Conversation

SMillerDev
Copy link
Member

  • Have you followed the guidelines in our Contributing document?
  • Have you checked to ensure there aren't other open Pull Requests for the same change?
  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • Have you written new tests for your changes? Here's an example.
  • Have you successfully run brew style with your changes locally?
  • Have you successfully run brew typecheck with your changes locally?
  • Have you successfully run brew tests with your changes locally?

p-linnane
p-linnane approved these changes May 16, 2024
View reviewed changes
Copy link
Member

@p-linnane p-linnane left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two options for you

docs/Homebrew-on-Linux.md Outdated Show resolved Hide resolved
docs/Homebrew-on-Linux.md Outdated Show resolved Hide resolved
@SMillerDev @p-linnane
Update Homebrew-on-Linux.md
4072122 
Co-authored-by: Patrick Linnane <patrick@linnane.io>
gromgit
gromgit reviewed May 16, 2024
View reviewed changes
docs/Homebrew-on-Linux.md Outdated Show resolved Hide resolved
@SMillerDev @gromgit
Update Homebrew-on-Linux.md
09dcca0 
Co-authored-by: Adrian Ho <the.gromgit@gmail.com>
@p-linnane p-linnane enabled auto-merge May 16, 2024 17:52
@p-linnane p-linnane merged commit 97030b7 into master May 16, 2024
25 checks passed
@p-linnane p-linnane deleted the feat/docs/linux_sandbox branch May 16, 2024 18:01
MikeMcQuaid
MikeMcQuaid reviewed May 17, 2024
View reviewed changes
docs/Homebrew-on-Linux.md
@@ -45,6 +45,9 @@ brew install hello

If you're using an older distribution of Linux, installing your first package will also install a recent version of *glibc* and *gcc*. Use `brew doctor` to troubleshoot common issues.

> [!NOTICE]
> Please note that unlike macOS, Homebrew does not use a sandbox when building on Linux, so formulae may install outside the Homebrew prefix.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

may not only read but also write arbitrary files anywhere outside the Homebrew prefix

Thoughts?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would turn them around, since I'd be more worried about reads than writes. But clarification is good either way

Copy link
Member

@Bo98 Bo98 May 17, 2024
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Our macOS sandbox doesn't block reads either - it wasn't really designed to allow you to install untrusted software, more to prevent accidents due to not passing the correct --prefix.

Bo98
Bo98 reviewed May 17, 2024
View reviewed changes
docs/Homebrew-on-Linux.md
@@ -45,6 +45,9 @@ brew install hello

If you're using an older distribution of Linux, installing your first package will also install a recent version of *glibc* and *gcc*. Use `brew doctor` to troubleshoot common issues.

> [!NOTICE]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is GitHub-specific syntax that our website generation doesn't currently support

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MikeMcQuaid MikeMcQuaid MikeMcQuaid left review comments

@gromgit gromgit gromgit left review comments

@Bo98 Bo98 Bo98 left review comments

@carlocab carlocab carlocab approved these changes

@p-linnane p-linnane p-linnane approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@SMillerDev @MikeMcQuaid @gromgit @Bo98 @carlocab @p-linnane