[PATCH] portmaster with SU_CMD
Stefan Sperling
stsp at stsp.name
Mon Nov 12 12:09:32 PST 2007
On Mon, Nov 12, 2007 at 10:24:19AM -0800, Garrett Cooper wrote:
> Greg Minshall wrote:
>> i'd add my two cents for being able to do builds without running as root.
>
> Building as non-root user and then installing as root has its caveats I
> would think..
>
> Pro:
> - Compiling as a non-root user and then installing as root reduces the
> security risk of a possible exploit in the portmaster / base system
> infrastructure.
I myself am not hoping that not compiling as root will save my
system from being cracked by Mr. Malicious, and I would not advise
anyone to believe in such illusions.
Think about it, make install is still vulnerable :)
Compiling ports as non-root simply follows from the principle
of least authority.
I hope it will save me from bugs in some makefile or configure
script touching files on my system it should not be touching.
I could do it with portupgrade, it never hurt, now I can do
it with portmaster, too.
> Con:
> - People with sufficient permissions (possibly caused by bad umask
> settings) but without root access, can modify the binaries / recompile
> files to suit their needs prior to them being installed as root
Indeed. Of course, on a multiuser system you should take proper
precautions before using portmaster with -S.
I'd like to stress again that the patch does not stop anyone
from simply running portmaster entirely as root if desired.
It's just like the -s switch portupgrade has had for ages.
I wonder if there was a similar discussion about that switch
when it was first introduced...
--
stefan
http://stsp.name PGP Key: 0xF59D25F0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20071112/faa0e7a4/attachment.pgp
More information about the freebsd-ports
mailing list