Subject: Re: pkg_comp runs everything as root
To: None <pkgsrc-users@NetBSD.org>
From: Christian Biere <christianbiere@gmx.de>
List: pkgsrc-users
Date: 04/25/2006 00:09:56

Jeremy C. Reed wrote:
> On Sun, 23 Apr 2006, Christian Hattemer wrote:
>
> > In summary: Are there real concerns in this area, or am I just paranoid?
>
> I would not be concerned. Note that even without pkg_comp the default is
> to do the installation targets as root and we do trust/allow that.

That's not how I see it. If something doesn't need privileges I don't
run it as root. Plain and simple. I don't want to think about - and
it would be a bad idea to trust one's intuition - whether there *could*
be an issue. If you don't run something as root you just know that
a huge amount of issues don't exist. It's not only a measure to prevent
malice, a simple whitespace can cause an unintended blank filesystem
instead of the intended directory removal. Ever tried "indent /netbsd"
as root, by the way?

> As for me, I just manually setup build environment and chroot and do my
> builds as non-root and installs and packaging as root.

> You could do the builds and installs and packaging as non-root too. (And I
> do that frequently on some systems.) And some packages won't build
> though.

I build only those packages I need and I cannot remember seeing any
packages that failed because of building and installing as non-root.
In a very few cases, packages need set-UID/GID bits somewhere, a
special user etc. but that's usually obvious from the build log,
the Makefile or the documentation.

Since I don't run anything from pkgsrc as root and the pkgsrc user
can only write in /usr/pkgsrc and /usr/pkg (var/db/pkg is a symlink),
the root account should be fairly safe from pkgsrc. The other accounts
aren't but systrace exists - at least on OpenBSD and NetBSD - it
won't help you anywhere else e.g. Linux.

--
Christian

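The layout described in the message above (an unprivileged build user owning the pkgsrc trees, with a few packages installing set-UID/GID files) can be audited with a short script. This is an added example, not part of the original post; the function names and the `builduser` account in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: audit trees that an unprivileged build user is meant to own.
# Usage (user name is a placeholder): ./audit.sh builduser /usr/pkgsrc /usr/pkg

# foreign_owned USER DIR...: print entries NOT owned by USER (name or numeric uid).
# Anything listed was written by another account, e.g. by a build run as root.
foreign_owned() {
    user=$1; shift
    find "$@" ! -user "$user" -print 2>/dev/null
}

# privileged_bits DIR...: print regular files carrying set-UID or set-GID bits.
# A few packages legitimately need these, so they are reported for review only.
privileged_bits() {
    find "$@" -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# audit_build_trees USER DIR...: returns 1 if a tree is missing or contains
# entries owned by someone other than USER; set-ID files do not fail the audit.
audit_build_trees() {
    user=$1; shift
    rc=0
    for tree in "$@"; do
        if [ ! -d "$tree" ]; then
            echo "MISSING $tree"
            rc=1
            continue
        fi
        foreign=$(foreign_owned "$user" "$tree")
        special=$(privileged_bits "$tree")
        if [ -n "$foreign" ]; then
            printf '%s\n' "$foreign" | sed 's/^/NOT-OWNED-BY-BUILD-USER /'
            rc=1
        fi
        if [ -n "$special" ]; then
            printf '%s\n' "$special" | sed 's/^/SETID-REVIEW /'
        fi
    done
    return $rc
}

# Run the audit only when a user and at least one tree are given.
if [ "$#" -ge 2 ]; then
    audit_build_trees "$@"
fi
```
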