On Pén, December 30, 2005 11:20 am, Simon L. Nielsen wrote: > I don't remember seeing it discussed. Fetching as a non-privileged > user seems like a really good idea to me. Building as non-root would > be nice, but doesn't really buy you much security wise I would be interested to hear why you think this. (I am aware of the problems at install stage) > (and will > possibly break at least some programs that makes silly assumptions > about build as root). Yes, although we do not know how many programs are affected by this in reality. Eg Gentoo, AFAIK does not build as root. > Note that both of these features are somewhat paranoid security > features, and the risk of getting compromised by either is much > smaller than getting compromised by some other much more simple > vulnerability. I think that running fetch as root is really an unnecessary risk to the system for the same reason as running a web browser or reading mail as root is. For some, this risk is bearable. But it is not security best practice by any stretch. Regards Sz. ------------------------------------------------------------------------ Telcsi.hu - A legújabb csengőhangok menő slágerekkel >>> Polifónikus és normál csengőhangok >>> Animált és normál háttérképek >>> MP3 effektek >>> http://www.telcsi.hu/index.php?prefix=VMReceived on Fri Dec 30 2005 - 10:56:53 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:50 UTC