Subject: Re: pkg/24626: SU_CMD used too much for bin-install
To: Christian Biere <email@example.com>
From: Jeremy C. Reed <firstname.lastname@example.org>
Date: 03/01/2004 09:18:46
On Mon, 1 Mar 2004, Christian Biere wrote:
> email@example.com wrote:
> > Only use SU_CMD for actual pkg_add step or for install and package steps.
> I don't see why I would do either of them as root. /var/db/pkg doesn't
> have to be root-owned. /usr/pkgsrc/ doesn't have to be root:wheel-owned
> either. It doesn't make things safer because - you've already guessed it -
> you run everything which writes to it as root anyway...
> Using a special user bin or pkgsrc and group is a much better idea.
> The only reason for using SU_CMD should be chown, chgrp, chmod etc.
> for special needs like the s-bit or so.
I agree with all this. I already use a dedicated pkgsrc group. I often use
pkgsrc on systems as non-root. (I even suggested ideas for making chmod
work in most cases as non-root.)
But that is unrelated to this PR.
Jeremy C. Reed