#237 Use sandboxing for builds

open
nobody
None
5
2011-02-28
2011-02-28
No

The sandbox-exec(1) functionality allows you to restrict process behavior. This could be used to prevent builds from writing outside the build dir, and might allow hiding /usr/local as well for reliability.

Discussion