Date: Sat, 25 May 2002 22:58:08 +0200 From: Jean-Yves Lefort <jylefort@brutele.be> To: Questions <freebsd-questions@FreeBSD.org> Subject: Building ports as a non priviledged user Message-ID: <20020525225808.08ac014c.jylefort@brutele.be>
next in thread | raw e-mail | index | archive | help
Hi, A backdoor has been found in Irssi's configure script. It compiled a little C program which connected to some host and spawned a shell. Since FreeBSD ports are built as root by default, the attacker would have gained a rootshell, instead of a non-priviledged shell. Is there a way to build FreeBSD ports using a non-priviledged account, and only install them as root? Regards, Jean-Yves Lefort -- Jean-Yves Lefort jylefort@brutele.be http://lefort.homeunix.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020525225808.08ac014c.jylefort>