coreutils su

Bennett Todd bet at rahul.net
Wed Jan 21 13:52:25 PST 2004


> > Never build as root. Never install as root. (When possible)
> 
> Anything that can be done as a normal user, should not be done as root.

It's easy to make installing as non-root work; just make the target
of the installation writeable by non-root.

Whether that's a good idea depends on whether the new introduced
separation of privs buys a benefit; it does introduce an additional
user, non-root, whose actual privs can typically be escalated to
root very easily --- if you can install software, then poke in a
trojan and wait for a root to trip.

-Bennett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20040121/57af1b60/attachment.sig>


More information about the hlfs-dev mailing list