Date: Wed, 29 Sep 2021 03:56:58 -0400 From: grarpamp <grarpamp@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: what userid do you update system sources under? Message-ID: <CAD2Ti2-kdh3B38qxhOF9FODTKYahe2_RugAxAeoOsJvVM1mSDg@mail.gmail.com> In-Reply-To: <YVPwaevTQloHSRLH@ceres.zyxst.net> References: <YVMiaWBxb/dbAPzX@ceres.zyxst.net> <ca8626ff-4df4-1e18-2e22-eba0de22e02e@nomadlogic.org> <YVPwaevTQloHSRLH@ceres.zyxst.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> I was wondering if there was something > intrinsically unsafe in using git as the superuser. I mean if a > daemon/process makes a socket call outbound, it's usually as the uid/gid > of the daemon, the least privileges to get the work done. > Maybe my concerns are without foundation in this particular case? > or if it was something to be worried about there'd be a warning or some such in the handbook. Wire protocols... such as git, rsync, ssh, https, etc... the client interprets what the server sends, so exploits can and do happen that way. Remote servers should be considered untrusted. TLS pubkeys should be verified and pinned. Those binaries always full of bugs/sploits themselves. Source code should be considered suspect. The closed source CPU and NIC hardware considered owned by dark enemies and spies. Etc. There are lots of reasons to never use uid 0. Ask why use 0, try finding other ways first. Excepting a few files and dirs, you could chown -Rh 65000:65000 / chmod -Rh -s,ugo-w / mount up the homedirs and the system and users would run just fine. As far as storing and compiling src files, stored by 0 compiled by 60002 provides the same isolation from 60002 as stored by 60001 compiled by 60002. The world should be compiled by !=0. Even making images could avoid 0. Only install needs 0. It's fairly common to use other UID or read-only mounts to keep from accidentally munging sources, etc. Security is a continuum, from powered down and unusable, to wide open to the world and exploited. Those who start learning by trying crazy things like the ch* above, seeing and fixing what breaks, usually better off than depending on some handbooks to teach them everything. Have fun :)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAD2Ti2-kdh3B38qxhOF9FODTKYahe2_RugAxAeoOsJvVM1mSDg>