Date: Fri, 30 Dec 2005 11:20:44 +0100 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: "Eygene A. Ryabinkin" <freebsd@rea.mbslab.kiae.ru> Cc: freebsd-current@freebsd.org, ?d?m Szilveszter <adamsz@mailpont.hu> Subject: Re: ports security (was: fetch extension - use local filename from content-disposition header) Message-ID: <20051230102044.GB855@zaphod.nitro.dk> In-Reply-To: <20051230091546.GL895@rea.mbslab.kiae.ru> References: <20051229193328.A13367@cons.org> <20051230021602.GA9026@pit.databus.com> <43B498DF.4050204@cyberwang.net> <43B49B22.7040307@gmail.com> <20051229220403.A16743@cons.org> <20051230053906.GA75942@pit.databus.com> <2440.193.68.33.1.1135932286.squirrel@193.68.33.1> <20051230091546.GL895@rea.mbslab.kiae.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--Pd0ReVV5GZGQvF3a Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2005.12.30 12:15:46 +0300, Eygene A. Ryabinkin wrote: > In principle, portupgrade and make scripts can be rearranged to be start= ed > as root, but to drop the privileges for the fetching and building via the > creation of child and the setuid() call (su will help). Was such feature > already discuissed and is it desirable? I don't remember seeing it discussed. Fetching as a non-privileged user seems like a really good idea to me. Building as non-root would be nice, but doesn't really buy you much security wise (and will possibly break at least some programs that makes silly assumptions about build as root). Note that both of these features are somewhat paranoid security features, and the risk of getting compromised by either is much smaller than getting compromised by some other much more simple vulnerability. --=20 Simon L. Nielsen --Pd0ReVV5GZGQvF3a Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDtQn8h9pcDSc1mlERAjrxAJ9wsb3VYLilJH1Z862kuY091XWTswCferA9 6hE3kq6WS+fKGPmXPBu60w0= =rni6 -----END PGP SIGNATURE----- --Pd0ReVV5GZGQvF3a--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051230102044.GB855>