netbsd-bugs: Re: pkg/24626: SU_CMD used too much for bin-install

Subject: Re: pkg/24626: SU_CMD used too much for bin-install
To: Christian Biere <christianbiere@gmx.de>
From: Jeremy C. Reed <reed@reedmedia.net>
List: netbsd-bugs
Date: 03/01/2004 09:18:46

On Mon, 1 Mar 2004, Christian Biere wrote:

> reed@reedmedia.net wrote:
> > Only use SU_CMD for actual pkg_add step or for install and package steps.
>
> I don't see why I would do either of them as root. /var/db/pkg doesn't
> have to be root-owned. /usr/pkgsrc/ doesn't have to be root:wheel-owned
> either. It doesn't make things safer because - you've already guessed it -
> you run everything which writes to it as root anyway...
> Using a special user bin or pkgsrc and group is a much better idea.
> The only reason for using SU_CMD should be chown, chgrp, chmod etc.
> for special needs like the s-bit or so.

I agree with all this. I already use a dedicated pkgsrc group. I often use
pkgsrc on systems as non-root. (I even suggested ideas for making chmod
work in most cases as non-root.)

But that is unrelated to this PR.

   Jeremy C. Reed
   http://bsd.reedmedia.net/