From owner-freebsd-bugs Thu May 4 18:20: 6 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 4CEC537B5C3 for ; Thu, 4 May 2000 18:20:03 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id SAA58249; Thu, 4 May 2000 18:20:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Date: Thu, 4 May 2000 18:20:02 -0700 (PDT) Message-Id: <200005050120.SAA58249@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Ben Smithurst Subject: Re: bin/18373: pkg_delete shouldn't insist on root Reply-To: Ben Smithurst Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR bin/18373; it has been noted by GNATS. From: Ben Smithurst To: Nick Hibma Cc: FreeBSD-gnats-submit@freebsd.org Subject: Re: bin/18373: pkg_delete shouldn't insist on root Date: Fri, 5 May 2000 01:13:29 +0100 Nick Hibma wrote: >> It is rather inconvenient that pkg_delete(1) requires the calling user >> to be root, as this makes testing a port you have created hard (it >> seems you have to be root to allow "make deinstall" do anything). This >> restriction seems unnecessary, and removing it certainly can't be a >> security risk. > > Example: libmm (used by a webserver) could then be deleted and the > webserver being brought down. It is? Perhaps I'm being dumb, but what's to stop a user compiling their own version of pkg_delete and removing the getuid check? If libmm has files deletable by a normal user, I don't even see what difference it makes if they use pkg_delete or rm. Perhaps you could explain? Is there something special about libmm or were you just picking a random port? (I don't even see a libmm port, so it must be part of another port, but anyway...) > Check the chmod man page for information on setting suid and setguid > bits to enable you to start pkg_delete as a normal user. Or write a > suid wrapper only executable by you. Thanks but this is more than I need to do. I don't want to be able to delete ports installed "properly" (for want of a better word), just ports I've installed in my home directory while testing a new port. I *don't* need root to do anything pkg_delete does in that case, and it shouldn't force me to be root. -- Ben Smithurst / ben@scientia.demon.co.uk / PGP: 0x99392F7D To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message