Subject: trusting cvs & pkgsrc
To: None <netbsd-users@netbsd.org>
From: Jan Danielsson <jan.danielsson@gmail.com>
List: netbsd-users
Date: 12/15/2005 21:21:07
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig8A7907B942BF2EA2B131DAD3
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Hello all,
On my NetBSD system, I have a user called "pkgsrc", with a home
directory /home/pkgsrc which is responsible for storing pkgsrc. I don't
find this to be optimal. I would prefer to keep pkgsrc in /usr/pkgsrc,
and have root own it.
The reason I have created a pkgsrc user is because I don't trust cvs.
If it runs amok, I want to limits its possibilities to do damage.
Now I'm setting up a new NetBSD system. On it, I would prefer to not
have a pkgsrc user. But I still don't trust cvs.
Would it be possible to create a "jail" for sync:ing pkgsrc with
root? I haven't used chroot:ed jails, but I assume that they are for
doing what I want(?). Has anyone done what I want to do, and give some
pointers?
...or am I overly paranoid for not trusting cvs?
I love the "least possible rights" philisophy, and sync:ing pkgsrc
really doesn't require root privileges.
--
Kind Regards,
Jan Danielsson
Te audire non possum. Musa sapientum fixa est in aure.
--------------enig8A7907B942BF2EA2B131DAD3
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
iD8DBQFDodA48wBCTJQ8HEIRAsOEAJ0bkphSjuYCb8yy7xYfSxMQxtXgWgCeLhXW
ttOGrNvvyn2FdJ5vfzx+H+8=
=MTgh
-----END PGP SIGNATURE-----
--------------enig8A7907B942BF2EA2B131DAD3--