| | 46 | MacPorts uses dynamic library injection code to control and monitor file system accesses of ports when they are compiled. This technique is used for the trace mode which is used to automatically figure out dependencies between ports. The proposed task consists in upgrading this mechanism to transform the trace mode (which ''reports'') into a virtual chroot environment which will contraint ports to be compiled in a controlled environment. For example, if a port does not mention a dependency on the jpeg port, the configure script, the compiler and the linker will not see jpeg port binaries, includes and libraries. This task could extend up to defining virtual ports based on software installed with traditional MacOS X packages (for which list of files are saved in /Library/Receipts/). Part of the challenge includes the design of an efficient communication channel between the dynamic library and the Tcl code and a complete study of possible holes in this virtual chroot environment. |
