[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lwip-devel] [bug #64010] oss-fuzz integration
|
From: |
Jan Breuer |
|
Subject: |
[lwip-devel] [bug #64010] oss-fuzz integration |
|
Date: |
Thu, 13 Apr 2023 06:14:01 -0400 (EDT) |
Follow-up Comment #11, bug #64010 (project lwip):
[comment #10 comment #10:]
> Do the users have a superuser access to their container? Can they modify
their OSS-Fuzz instance in it? Can they replace or combine their instance
with something unrelated they want to use, like aerial imagery processing?
>
You can define your own Dockerfile and define your container for your project
and in theory, do aerial imagery processing in it. On the other hand, it will
probably not be accepted if it is unrelated to fuzzing.
It is similar to e.g. [2]. They are doing continuous integration tasks for
coreutils. Coreutils maintainers can define anything that should be done. The
service is open-source (GPL-3).
But if coreutils maintainers decide to run aerial imagery processing during
the build, Hydra maintainers will probably not be happy. It probably wouldn't
even pass the coreutils maintener review.
They also probably don't have root access to the container while it is
running.
So a useful service, so open and still on the wrong side because it is clearly
SaaSS by this definition.
I understand your views, but it still makes me sad.
Because back in the days when CI was not a thing, someone told us that SaaSS
was evil.
So we'll stay in IT prehistory just for that.
Should we add artificial backdoors to build containers to fulfill the idea
that we won't be considered SaaSS? That seems to be the only difference.
> First, it's questionable whether that mirror is really official.
See [1] "The latest source with revision history can be browsed using cgit,
gitweb or *GitHub*."
> I couldn't find any references of OSS-Fuzz in Coreutils; since it's free
software, its users may do whatever they wish with it, including submitting it
to third-party services.
So if we would like to use OSS-Fuzz, we should create an unofficial mirror, do
it there, and don't tell you about it ;-)
[1] https://www.gnu.org/software/coreutils/#source
[2] https://hydra.nixos.org/jobset/gnu/coreutils-master
_______________________________________________________
Reply to this item at:
<https://savannah.nongnu.org/bugs/?64010>
_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/
- [lwip-devel] [bug #64010] oss-fuzz integration, (continued)
- Message not available
- [lwip-devel] [bug #64010] oss-fuzz integration, Stian Sebastian Skjelstad, 2023/04/07
- [lwip-devel] [bug #64010] oss-fuzz integration, J. Neuschäfer, 2023/04/07
- Message not available
- [lwip-devel] [bug #64010] oss-fuzz integration, Simon Goldschmidt, 2023/04/07
- [lwip-devel] [bug #64010] oss-fuzz integration, J. Neuschäfer, 2023/04/08
- Message not available
- [lwip-devel] [bug #64010] oss-fuzz integration, Ineiev, 2023/04/08
- [lwip-devel] [bug #64010] oss-fuzz integration, J. Neuschäfer, 2023/04/08
- Message not available
- [lwip-devel] [bug #64010] oss-fuzz integration, J. Neuschäfer, 2023/04/08
- Message not available
- [lwip-devel] [bug #64010] oss-fuzz integration, Ineiev, 2023/04/08
- [lwip-devel] [bug #64010] oss-fuzz integration, Jan Breuer, 2023/04/11
- [lwip-devel] [bug #64010] oss-fuzz integration, Ineiev, 2023/04/13
- [lwip-devel] [bug #64010] oss-fuzz integration,
Jan Breuer <=
- [lwip-devel] [bug #64010] oss-fuzz integration, Ineiev, 2023/04/14
- [lwip-devel] [bug #64010] oss-fuzz integration, Simon Goldschmidt, 2023/04/14
- [lwip-devel] [bug #64010] oss-fuzz integration, Ineiev, 2023/04/18