cendres at videotron.ca
Wed Jan 21 14:16:35 PST 2004
On January 21, 2004 04:52 pm, Bennett Todd wrote:
> > > Never build as root. Never install as root. (When possible)
> > Anything that can be done as a normal user, should not be done as root.
> It's easy to make installing as non-root work; just make the target
> of the installation writeable by non-root.
> Whether that's a good idea depends on whether the new introduced
> separation of privs buys a benefit; it does introduce an additional
> user, non-root, whose actual privs can typically be escalated to
> root very easily --- if you can install software, then poke in a
> trojan and wait for a root to trip.
That might be why it's not popular. I think it would work if user bin is
su-only from root. /etc, /sbin, /lib, and /bin get owned recursively by root
after chap6, and find a way to make the kernel only allow root to run objects
owned by root. This would let user bin install whatever they want, and root's
security should be unchanged, or even a bit better.
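The separation argued over above (let a separate, unprivileged install user write into the install target, then take write access back before root ever executes anything there) can be rehearsed without root in a throwaway directory. The script below is an added example, not code from the thread or from HLFS: the DESTDIR layout, the hypothetical package "hello", and the choice to attempt chown only when already running as uid 0 are all assumptions made here. count_loose is the check a practitioner would run after the "owned recursively by root" step: it lists every path in the tree that is still group- or world-writable, i.e. every place where whoever installs software could leave a trojan for root to trip over.

```shell
#!/bin/sh
# Added example (not from the hlfs-dev thread or HLFS): an unprivileged
# rehearsal of "install as a separate bin user, then hand the tree back to
# root". Runs inside a constructed DESTDIR so it needs no privileges.
set -eu

# Build the target tree. Only bin/ is writable by the installing user's group;
# sbin/, lib/ and etc/ stay owner-writable only. (Constructed layout.)
make_install_tree() {            # $1 = DESTDIR
    mkdir -p "$1/bin" "$1/sbin" "$1/lib" "$1/etc"
    chmod 0755 "$1/sbin" "$1/lib" "$1/etc"
    chmod 0775 "$1/bin"            # the non-root install user writes here
}

# Install a constructed program as the (non-root) install user.
install_nonroot() {              # $1 = DESTDIR, $2 = program name (hypothetical)
    printf '#!/bin/sh\necho hello from %s\n' "$2" > "$1/bin/$2"
    chmod 0755 "$1/bin/$2"
}

# Count paths under $1 that are group- or world-writable. Every hit is a spot
# where the install user could drop a trojan for root to run later, which is
# the escalation Bennett Todd describes above. Prints a single integer.
count_loose() {                  # $1 = tree root
    find "$1" -perm -020 -o -perm -002 | wc -l | tr -d ' '
}

# The "after chapter 6" step: strip group/world write bits from the whole tree.
# On a real system chown -R 0:0 follows; it needs root, so it is only attempted
# here when the script already runs as uid 0.
lock_down() {                    # $1 = tree root
    chmod -R go-w "$1"
    if [ "$(id -u)" -eq 0 ]; then
        chown -R 0:0 "$1"
    fi
}

# Rehearsal run in a temporary directory, cleaned up afterwards.
demo() {
    d=$(mktemp -d)
    make_install_tree "$d"
    install_nonroot "$d" hello
    echo "loose paths before lock-down: $(count_loose "$d")"
    lock_down "$d"
    echo "loose paths after lock-down:  $(count_loose "$d")"
    sh "$d/bin/hello"
    rm -rf "$d"
}
demo
```

Before lock_down the only loose path is bin/ itself (the install user needs it writable); after lock_down the count is zero, and from then on the install user can no longer modify anything root will execute, which is the property the poster wants the kernel to enforce for binaries as well.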