From owner-freebsd-ports@FreeBSD.ORG  Wed Nov 14 02:51:22 2007
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5139116A418;
	Wed, 14 Nov 2007 02:51:22 +0000 (UTC)
	(envelope-from minshall@acm.org)
Received: from einstein.cliq.org (einstein.cliq.org [131.161.246.13])
	by mx1.freebsd.org (Postfix) with ESMTP id 419A513C467;
	Wed, 14 Nov 2007 02:51:22 +0000 (UTC)
	(envelope-from minshall@acm.org)
Received: from gregtx.cliq.com (minshall@localhost.cliq.org [IPv6:::1])
	by einstein.cliq.org (8.13.4/8.13.4) with ESMTP id lAE2pKfv017668;
	Tue, 13 Nov 2007 18:51:20 -0800 (PST)
Received: from gregtx (localhost [127.0.0.1])
	by gregtx.cliq.com (Postfix) with ESMTP id 7A6835DC5;
	Tue, 13 Nov 2007 18:50:39 -0800 (PST)
X-Mailer: exmh version 2.7.2 01/07/2005 with nmh-1.2
From: Greg Minshall <minshall@acm.org>
To: Garrett Cooper <youshi10@u.washington.edu>
In-reply-to: Your message of "Mon, 12 Nov 2007 10:24:19 PST."
	<47389A53.20207@u.washington.edu> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Tue, 13 Nov 2007 18:50:39 -0800
Sender: minshall@acm.org
Message-Id: <20071114025039.7A6835DC5@gregtx.cliq.com>
Cc: ports@freebsd.org, Doug Barton <dougb@freebsd.org>,
	Stefan Sperling <stsp@stsp.name>
Subject: Re: [PATCH] portmaster with SU_CMD 
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Nov 2007 02:51:22 -0000

this died down while i was disconnected, and i don't want to fan flames, but 
two minor points:

1.  the issue of how much of the time to run as root is one of personal 
preference (aesthetics, religion, if you prefer).  a lot of people are happy 
having windows logged in as root up all the time; other people want to be root 
as little as possible.

2.  if someone can hack my personal account, they can control the machine by 
setting up trapdoors (that probably i, at least, wouldn't notice until it was 
too late).  that means 2 things:

a) the security problems Garrett pointed out in being able to compile as 
non-root aren't really an issue, since, again, if they become me, it's all 
over.

b) to a large extent, the security issues i might worry about leaving root 
windows on my machine aren't really an issue, because i leave *me* on my 
machine, and, again, if they become me, it's all over.  (but, again, for *me*, 
it's mostly principle/aesthetics/religion [in addition to trying to protect 
the machine from my own fumble fingers].)

all this without arguing for the portmaster changes one way or the other, as i 
don't know or use portmaster.

cheers, Greg