Information about host machine architecture leaks into sandbox
On the Linux platform at least, processes within the sandbox have access to the host's CPU info (/proc/cpuinfo and on x86 the
If build systems in the sandbox use gcc -march=native or something similar, reproducibility will be compromised and the built artifacts might not work on CPUs with a different feature set.
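
One way to catch this in practice, as an added example that is not part of the original report or the project's code: scan a captured build log for flags that tell the compiler to target the build host's CPU. It goes beyond the gcc flag named above to cover -mtune/-mcpu and rustc's target-cpu=native as instances of "something similar"; the function name and the sample log are constructed for illustration.

```python
import re

# Flags that make the compiler query the build host's CPU instead of a fixed target.
# -march/-mtune/-mcpu=native are GCC/Clang options; target-cpu=native is rustc's.
HOST_DEPENDENT = re.compile(
    r"(?<![\w-])(-m(?:arch|tune|cpu)=native|-C\s*target-cpu=native)(?![\w-])"
)


def find_host_dependent_flags(log_lines):
    """Return (line_number, flag) for every host-dependent flag in a build log."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        for match in HOST_DEPENDENT.finditer(line):
            # Normalise "-C   target-cpu=native" spacing so reports are comparable.
            hits.append((number, re.sub(r"\s+", " ", match.group(1))))
    return hits


# Constructed sample build log (hypothetical, not taken from any real project).
SAMPLE_LOG = [
    "gcc -O2 -march=x86-64 -c util.c -o util.o",                    # fixed target: fine
    "gcc -O3 -march=native -mtune=native -c hot_loop.c -o hot_loop.o",
    'CFLAGS="-O2 -mcpu=native" make -C libfoo',                     # flag hidden in env var
    "rustc -C opt-level=3 -C target-cpu=native src/lib.rs",
    "gcc -O2 -march=nativeish-typo -c other.c",                     # not the real flag
]

if __name__ == "__main__":
    for number, flag in find_host_dependent_flags(SAMPLE_LOG):
        print(f"line {number}: {flag} ties the output to the build host's CPU")
```

A log scan only sees flags that reach the command line; code that reads the CPU info directly at build time is not covered by it.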