From owner-freebsd-ports@FreeBSD.ORG  Mon Mar 25 03:16:14 2013
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id E0FA6340
 for <freebsd-ports@freebsd.org>; Mon, 25 Mar 2013 03:16:14 +0000 (UTC)
 (envelope-from sib@tormail.org)
Received: from outgoing.tormail.org (outgoing.tormail.org [82.221.96.22])
 by mx1.freebsd.org (Postfix) with ESMTP id A361867B
 for <freebsd-ports@freebsd.org>; Mon, 25 Mar 2013 03:16:14 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=internal.tormail.org)
 by outgoing.tormail.org with esmtp (Exim 4.72)
 (envelope-from <sib@tormail.org>) id 1UJxtG-0007hn-9G
 for freebsd-ports@freebsd.org; Mon, 25 Mar 2013 06:16:06 +0300
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tormail.org;
 s=tm; 
 h=Message-Id:X-TorMail-User:Content-Transfer-Encoding:Content-Type:MIME-Version:To:From:Subject:Date;
 bh=0OQ8xEvhEWfm/Q5uPu3wa1BjBsMyv1vkJcmUBe+UJLA=; 
 b=iVHQ7U6c9jfScpEPK0K0+2S7xQVWuCHxb1gkonnRgqjEjBu5jeUxgFx0BahZn+P40T1kn+GvGOSmme6l/Cg15kuwCLRqj81xZivD946nle4Yui/g8mGX4DPUmw1SoVYgLMQ7vuy4CNlEzkuC3kXOnbd40FpcJGg2/Uz6PCNYcbs=;
Received: from sib by internal.tormail.org with local (Exim 4.63)
 (envelope-from <sib@tormail.org>) id 1UJxqn-0004Jp-LC
 for freebsd-ports@freebsd.org; Mon, 25 Mar 2013 03:13:33 +0000
Date: Mon, 25 Mar 2013 03:13:33 -0000
Subject: Ports as an unprivileged user
From: sib@tormail.org
To: freebsd-ports@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Importance: High
X-TorMail-User: sib
Message-Id: <1UJxqn-0004Jp-LC@internal.tormail.org>
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2013 03:16:14 -0000

Hi. While looking up how to configure ports to run as a user other than
root, I came across a few pages that describe setting some make.conf
variables.

http://forums.freebsd.org/showthread.php?t=22368
http://www.mail-archive.com/freebsd-questions@freebsd.org/msg31323.html

Is there any plans or work being done on making this kind of system
default? There "probably" won't be any exploits in fetch/libfetch, but
there's also no reason to do everything as root. Even just the distfile
fetching as a user would be better I think. We could have a dedicated
"ports" user that has access to /usr/ports/distfiles or something. Just
some security for consideration.