-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 22 April 2003 07:03 pm, Tino Meinen wrote:
> On Wed 23-04-2003, at 00:18, Felipe Alfaro Solana wrote:
> > On Tue, 2003-04-22 at 18:03, Canadilla, Pedro wrote:
> > It's not exactly "wrong" to build packages as root. But, what would
> > happen if you try to build as a root package whose sources contain a
> > trojan horse that is invoked during compilation? The trojan would be
> > run as root and could install itself easily in your system. This has
> > happened in the past. If my memory serves me well, there were some
> > versions of sendmail trojaned out.
> >
> > So the question is not if "it's wrong to build as root", but if "it's
> > more secure to build as a regular, non-privileged user."
>
> But what happens when, after you built an rpm as a normal user, you try
> to install it? You usually are root when you do that. So the trojan
> horse could be built during the compilation and installed when the rpm
> is installed. The end result would be the same.
> Or am I not seeing things clearly here?

You are always root when you install packages. (Or at least have
superuser privileges.)

At some point, it becomes a trust issue. If you download a gpg signed
.src.rpm from Red Hat, you are reasonably safe. If you've found some
code somewhere on the internet and choose to create an rpm package...
Well, then you are more trusting than I am. ;)

The main argument I can think of against building as root is
accidental misconfiguration. (accidental or intentional, for that
matter)

Most packages during the build process execute:

    rm -rf $RPM_BUILD_ROOT

Now, suppose you were building as root, and I modified the specfile,
like so:

    RPM_BUILD_ROOT=/
    rm -rf $RPM_BUILD_ROOT

Or perhaps:

    make DESTDIR="$RPM_BUILD_ROOT" install

Consider the results when run as root, then as a mortal user. I'll
take the damage inflicted on the mortal user over the other
possibility.

By the way, most of my specfiles actually check for this problem, just
to be safe:

    [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT

- --
- -Michael

pgp key: http://www.tuxfan.homeip.net:8080/gpgkey.txt
Red Hat Linux 7.{2,3}|8.0 in 8M of RAM: http://www.rule-project.org/
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE+pdUen/07WoAb/SsRAnbyAJ9MXQnecMtUl54UPSJ4MIH3V+5GcQCghOJg
zmzLB9ERZK95yVY50VttH6I=
=7GIM
-----END PGP SIGNATURE-----
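
The guard quoted at the end of the message above, extended as an added example (not part of the original message and not taken from any project's specfiles). It goes beyond the literal `"/"` comparison: it also rejects an empty variable and paths such as `//`, `dir/../..` or a symlink that resolve to `/`, by requiring the buildroot to sit strictly below a base directory. The function names and the `/var/tmp` base in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: a stricter form of the specfile guard
#   [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
# resolve_dir, buildroot_is_safe and clean_buildroot are hypothetical names.

# Print the physical path of an existing directory ("..", "//" and
# symlinks resolved); fail if it is not a directory we can enter.
resolve_dir() {
    (CDPATH= cd -- "$1" 2>/dev/null && pwd -P)
}

# buildroot_is_safe DIR BASE
# Succeed only if DIR resolves to a directory strictly below BASE.
buildroot_is_safe() {
    [ -n "$1" ] && [ -n "$2" ] || return 1        # empty variable
    _br_root=$(resolve_dir "$1") || return 1
    _br_base=$(resolve_dir "$2") || return 1
    [ "$_br_base" != "/" ] || return 1            # "/" is never a valid base
    case $_br_root in
        "$_br_base"/?*) return 0 ;;               # below BASE, not BASE itself
    esac
    return 1
}

# clean_buildroot DIR BASE
# Remove DIR only when it passes the check; a missing DIR is a no-op.
clean_buildroot() {
    if [ -z "$1" ]; then
        echo "clean_buildroot: buildroot is empty" >&2
        return 1
    fi
    [ -e "$1" ] || return 0                       # first build: nothing to remove
    if buildroot_is_safe "$1" "$2"; then
        rm -rf -- "$1"
    else
        echo "clean_buildroot: refusing to remove '$1'" >&2
        return 1
    fi
}

# In a specfile's %install section (assumption: buildroots live under /var/tmp):
#   clean_buildroot "$RPM_BUILD_ROOT" /var/tmp
```

The check narrows what a bad `RPM_BUILD_ROOT` can delete; it does not replace building as a non-privileged user, since other specfile commands still run with the builder's rights.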