From owner-freebsd-current@FreeBSD.ORG Fri Dec 30 09:15:50 2005 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1B04F16A41F for ; Fri, 30 Dec 2005 09:15:50 +0000 (GMT) (envelope-from freebsd@rea.mbslab.kiae.ru) Received: from rea.mbslab.kiae.ru (rea.mbslab.kiae.ru [144.206.177.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 70BBE43D49 for ; Fri, 30 Dec 2005 09:15:49 +0000 (GMT) (envelope-from freebsd@rea.mbslab.kiae.ru) Received: from rea.mbslab.kiae.ru (localhost [127.0.0.1]) by rea.mbslab.kiae.ru (Postfix) with ESMTP id 2FAB2BFF9; Fri, 30 Dec 2005 12:15:47 +0300 (MSK) Received: by rea.mbslab.kiae.ru (Postfix, from userid 1000) id 0B2F4BFF8; Fri, 30 Dec 2005 12:15:47 +0300 (MSK) Date: Fri, 30 Dec 2005 12:15:46 +0300 From: "Eygene A. Ryabinkin" To: ?d?m Szilveszter Message-ID: <20051230091546.GL895@rea.mbslab.kiae.ru> References: <20051229193328.A13367@cons.org> <20051230021602.GA9026@pit.databus.com> <43B498DF.4050204@cyberwang.net> <43B49B22.7040307@gmail.com> <20051229220403.A16743@cons.org> <20051230053906.GA75942@pit.databus.com> <2440.193.68.33.1.1135932286.squirrel@193.68.33.1> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <2440.193.68.33.1.1135932286.squirrel@193.68.33.1> User-Agent: Mutt/1.5.11 X-AV-Checked: Yes! Cc: freebsd-current@freebsd.org Subject: Re: fetch extension - use local filename from content-disposition header X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Dec 2005 09:15:50 -0000 A bit offtopic, but... > However, when I mentioned this on -security in a thread > (about trusting trust) all I got back was that it was difficult to make > sure that all ports build as normal user. Which of course does not explain > fetching as root at all, but hey. OK, actually you can fetch as non-root: just make /usr/ports/distfiles writeable to the user (or group) that should be able to fetch the packages. The same holds for the source compilation: give the write permissions to the port's directory. 'make install' switches to the root account via 'su', so you can just issue 'make install' and the build scripts will do the trick. The price is also known: you'll need to supply the root password for each package. And this will cause the major pain to the portupgrade users -- it is not so easy to teach portupgrade to do its job from the non-root account. It can be done, but you'll still need to supply root password for every package at least two times. In principle, portupgrade and make scripts can be rearranged to be started as root, but to drop the privileges for the fetching and building via the creation of child and the setuid() call (su will help). Was such feature already discuissed and is it desirable? -- rea BOFH excuse #121: halon system went off and killed the operators