On Thu, Dec 16, 2010 at 3:49 PM, Leonard den Ottolander <leonard@xxxxxxxxxxxxxxxxx> wrote: > Hello Nico, > > On Thu, 2010-12-16 at 15:20 -0500, Nico Kadel-Garcia wrote: >> On Thu, Dec 16, 2010 at 11:00 AM, Leonard den Ottolander >> > /usr/src/redhat and sub dirs are owned root.root. If you want to build >> > as a normal user (and you should!) you should fix the ownership of those >> > directories. >> >> NO. Never do this. > > Why would that be a problem? > > Regards, > Leonard. There are easily half a dozen reasons. The first one is that this is where root runs their builds: if you leave it with write permission for other users, they can replace components behind your back. Worse, they can replace the .spec file, so when software is built, it runs as the root user. Since various components do rely on RPM rebuilding, such as HP's "Proliant Service Pack", it inserts a great glaring vulnerability to leverage when the rebuild occurs. Second, if you open the permissions there, multiple users can step on each other building similar packages at the same time, especially if they happen to be different versions of the same software. The third reason one is that "/usr" is typically of modest size, and leaving it open for RPM development can lead to many gigabytes of inappropriate debris scattering it. Many modern systems have a much larger /usr than they used to, but having to allocate that much extra space for compilation efforts may cause other interesting resource allocation problems. And overflowing /usr can cause very serious problems indeed. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos