On 2005.12.30 12:15:46 +0300, Eygene A. Ryabinkin wrote:

> In principle, portupgrade and make scripts can be rearranged to be started
> as root, but to drop the privileges for the fetching and building via the
> creation of child and the setuid() call (su will help). Was such feature
> already discussed and is it desirable?

I don't remember seeing it discussed.

Fetching as a non-privileged user seems like a really good idea to me. Building as non-root would be nice, but doesn't really buy you much security-wise (and will possibly break at least some programs that make silly assumptions about building as root).

Note that both of these features are somewhat paranoid security features, and the risk of getting compromised by either is much smaller than getting compromised by some other much more simple vulnerability.

-- 
Simon L. Nielsen
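The pattern discussed in this thread (start as root, create a child, drop privileges with setuid() before the fetch runs), shown in C as an added example; it is not code from either poster or from portupgrade. The names `run_dropped`, `drop_privileges` and `DROP_FAILED` are hypothetical, and the `id` command is a constructed stand-in for the fetch step.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* glibc: expose setgroups() */
#endif
#include <sys/types.h>
#include <sys/wait.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#define DROP_FAILED 125     /* hypothetical exit code: drop failed, nothing was exec'd */

/* Irreversibly switch the calling process to uid/gid. Returns 0 on success. */
static int drop_privileges(uid_t uid, gid_t gid)
{
    /* Order matters: supplementary groups and gid go first, while the
     * process still has the right to change them; uid goes last. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;
    /* Verify the drop stuck: regaining root must now be refused. */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0)) return -1;
    return 0;
}

/* Fork, drop to uid/gid in the child, exec argv; returns the child's exit status. */
int run_dropped(uid_t uid, gid_t gid, char *const argv[])
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        /* Fail closed: never exec the command with the parent's privileges. */
        if (drop_privileges(uid, gid) != 0) _exit(DROP_FAILED);
        execv(argv[0], argv);
        _exit(127);                       /* exec itself failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed stand-in for a fetch step: print the ids the child runs with. */
    char *const cmd[] = { "/bin/sh", "-c", "id", NULL };
    /* Assumption: a real caller passes an unprivileged account; here we reuse our own ids. */
    int rc = run_dropped(getuid(), getgid(), cmd);
    printf("child exit status: %d\n", rc);
    return rc == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

The parent keeps its privileges for the later install step; only the child that runs the untrusted-input step is confined.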