[PATCH] portmaster with SU_CMD

Greg Minshall minshall at acm.org
Tue Nov 13 18:51:22 PST 2007


this died down while i was disconnected, and i don't want to fan flames, but 
two minor points:

1.  the issue of how much of the time to run as root is one of personal 
preference (aesthetics, religion, if you prefer).  a lot of people are happy 
having windows logged in as root up all the time; other people want to be root 
as little as possible.

2.  if someone can hack my personal account, they can control the machine by 
setting up trapdoors (that probably i, at least, wouldn't notice until it was 
too late).  that means 2 things:

a) the security problems Garrett pointed out in being able to compile as 
non-root aren't really an issue, since, again, if they become me, it's all 
over.

b) to a large extent, the security issues i might worry about leaving root 
windows on my machine aren't really an issue, because i leave *me* on my 
machine, and, again, if they become me, it's all over.  (but, again, for *me*, 
it's mostly principle/aesthetics/religion [in addition to trying to protect 
the machine from my own fumble fingers].)

all this without arguing for the portmaster changes one way or the other, as i 
don't know or use portmaster.

cheers, Greg



More information about the freebsd-ports mailing list