On Thu, Aug 22, 2002 at 01:06:55AM -0400, kpneal@pobox.com wrote:
> On Wed, Aug 21, 2002 at 11:33:42AM +0200, Alistair Crooks wrote:
> > Actually, LOCALBASE defaults to "/usr/pkg", and a lot of people
> > install pkgsrc in "/usr/pkgsrc".  However, the source tree is location
> > independent, and you can have any number of them.
> 
> But you can't have the source in /usr/pkg/src, which is a bummer. It
> makes partitioning easier and results in less clutter in /usr. 

I don't see why you can't put the source in /usr/pkg/src.  I admit
that I've never tried to do it, but I have a number of different
pkgsrc trees checked out, all in different places.  Why is
/usr/pkg/src special?
 
> > You don't need to compile everything as root - pkgsrc will detect this
> > when it needs to su, and do it "just in time".  There have been two
> > trojan attacks recently (in irssi and openssh, pkgsrc was vulnerable
> > to the irssi one, but not openssh) and the exposure to this sort of
> > trojan (which happens during the configure stage) is greatly reduced
> > if you run as a normal user.
> 
> But then doesn't make package blow up because it won't su for you?
> Also, how is make update (or similar) supposed to work?

A check is done just before "make package", "make install", "make
replace", "make undo-replace" and "make deinstall" - if the effective
uid is not 0, then ${SU_CMD} is executed to gain the desrired
privileges.

It's been like that for 3 years, I think, and we haven't had any
complaints yet.

Personally, I try to limit the amount of time which I have root's
privileges as much as possible.

Regards,
Alistair