On 3/12/07, Jim Perrin <jperrin@xxxxxxxxx> wrote:
On 3/12/07, Alfred von Campe <alfred@xxxxxxx> wrote: > I was just going to report these myself. Anyway, I am on the final > step at the moment (the RPM is being built). But I have a couple of > questions regarding this process of building a custom kernel: > > 1. Why is it not a good idea to build a custom kernel > as root (you have to be root to install it)? Building as root is bad practice for all software. This is mostly to protect you from bad code. If a cleanup script tries to delete / instead of just the buildroot, you'll be in a world of hurt by building as root. By building as a normal/restricted user you reduce the permissions available to the code, thereby minimizing potential damage.
And that is the critical type of problems (i.e. removing /). Subtler issues can occur also if the build scriptlets install files, or change configs your build system becomes polluted. Cheers...james _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
