Date: Fri, 12 Feb 1999 19:02:57 -0800 (PST)
From: Brian Behlendorf
To: questions@FreeBSD.ORG
Subject: q about ports, root, security

Maybe this is more appropriate for ports@, or security@, or something
else; I didn't find anything relevant to this thread in the mail
archives.

It seems to me that the modus operandi for ports installation is to do
the build and the install as root. It's possible to do the build as
another user, but the install step almost always needs root, and the
install step can sometimes trigger the installation of dependency
ports, which sometimes means building those ports as root.

It's generally considered a Good Thing to do as little as possible as
root. I can certainly scrutinize a "make install" step if it's
important to me; scrutinizing the entire build process is another issue
entirely.

It seems like we could come up with a solution for building ports where
the port builds were executed as another user - user "ports"? user
"nobody"? - if the original "make" was being done by root.
Or, we could somehow enforce that a "make" will always build dependency
ports, and a "make install" will only install those dependencies (or
won't automatically install any, though that's a loss of nice
functionality).

Is this worth worrying about? I know a common target of derision are
those new users who log in and send/receive mail and browse the web as
"root" when using a desktop Unix; well, if we reduce the amount of time
they need to spend as root, maybe they won't need to be it so much...

	Brian