From owner-freebsd-questions Sat May 25 13:58:17 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mirapoint2.brutele.be (mirapoint2.brutele.be [212.68.193.7]) by hub.freebsd.org (Postfix) with ESMTP id 9ABBB37B40B for ; Sat, 25 May 2002 13:58:13 -0700 (PDT) Received: from gateway.lefort.net ([213.189.162.78]) by mirapoint2.brutele.be (Mirapoint) with ESMTP id AYL61114; Sat, 25 May 2002 22:58:11 +0200 (CEST) Received: from jsite.lefort.net (jsite.lefort.net [192.168.1.2]) by gateway.lefort.net (Postfix) with ESMTP id 50A5C152E2 for ; Sat, 25 May 2002 22:58:10 +0200 (CEST) Received: from jsite.lefort.net (localhost [127.0.0.1]) by jsite.lefort.net (Postfix) with SMTP id 153DF22E14 for ; Sat, 25 May 2002 22:58:09 +0200 (CEST) Date: Sat, 25 May 2002 22:58:08 +0200 From: Jean-Yves Lefort To: Questions Subject: Building ports as a non priviledged user Message-Id: <20020525225808.08ac014c.jylefort@brutele.be> X-Mailer: Sylpheed version 0.7.5 (GTK+ 1.2.10; i386-portbld-freebsd4.6) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, A backdoor has been found in Irssi's configure script. It compiled a little C program which connected to some host and spawned a shell. Since FreeBSD ports are built as root by default, the attacker would have gained a rootshell, instead of a non-priviledged shell. Is there a way to build FreeBSD ports using a non-priviledged account, and only install them as root? Regards, Jean-Yves Lefort -- Jean-Yves Lefort jylefort@brutele.be http://lefort.homeunix.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message