Date: Thu, 4 May 2000 18:56:45 +0100 (BST) From: Nick Hibma <n_hibma@calcaphon.com> To: Neil Blakey-Milner <nbm@mithrandr.moria.org> Cc: freebsd-bugs@freebsd.org Subject: Re: bin/18373: pkg_delete shouldn't insist on root Message-ID: <Pine.BSF.4.20.0005041854530.7651-100000@localhost> In-Reply-To: <20000504170054.A21029@mithrandr.moria.org>
next in thread | previous in thread | raw e-mail | index | archive | help
You can't update /var/db/pkgs in that case. I think. In any case, part of the update needs to be done as root, so pkg_delete has to switch user every so often to do the right thing. If you feel strongly about this I suggest you argue your case to Warner Losh <imp@freebsd.org> our security officer. Nick On Thu, 4 May 2000, Neil Blakey-Milner wrote: > On Thu 2000-05-04 (07:50), Nick Hibma wrote: > > The following reply was made to PR bin/18373; it has been noted by GNATS. > > > > From: Nick Hibma <n_hibma@calcaphon.com> > > To: Ben Smithurst <ben@scientia.demon.co.uk> > > Cc: FreeBSD-gnats-submit@freebsd.org > > Subject: Re: bin/18373: pkg_delete shouldn't insist on root > > Date: Thu, 4 May 2000 15:46:15 +0100 (BST) > > > > > It is rather inconvenient that pkg_delete(1) requires the calling user > > > to be root, as this makes testing a port you have created hard (it > > > seems you have to be root to allow "make deinstall" do anything). This > > > restriction seems unnecessary, and removing it certainly can't be a > > > security risk. > > > > Example: libmm (used by a webserver) could then be deleted and the > > webserver being brought down. > > Err, without having root? I'd love to see a non-root process delete > things it doesn't have permissions for. This is for packages installed > by yourself, owned by you, in your own package directory. > > > It _is_ a security risk. > > I don't think so, unless I missed something huge. > > Neil > -- > Neil Blakey-Milner > Hacker In Chief, Sunesi Clinical Systems > nbm@mithrandr.moria.org > -- n_hibma@webweaving.org n_hibma@freebsd.org USB project http://www.etla.net/~n_hibma/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.20.0005041854530.7651-100000>