On 3/1/07, Brian <[EMAIL PROTECTED]> wrote:
Please could someone spell out the reason for building software as an unprivileged user? This is recommended in the BLFS book and elsewhere (though not in LFS), but I can't find a full explanation. If running 'make' as root could (accidentally? maliciously?) trash my system, doesn't the same apply when I have to run 'make install' as root? Is there any qualitative difference in security risk? (The reason I'm asking, in case you're interested, is that I'm automating the build using a simple bash script for each package, and it would be simpler to run everything as root rather than having to add 'sudo' to my system, which is the only other way I can see of doing it.) Thanks, Brian -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
I build my whole LFS/BLFS system as root, nothing happpened, but as all people aleady explained here, there is a security risk. There are already some tools like JHALFS, but they don't work very well. So you wanted to add a bash file to each package? most of the batch files you're adding are the same, all containing configure, make, make install, and su/sudo. So if you start creating a bash file that works for most of the packages, with su/suo, you can copy that in every package to be automated, and edit it for specific apps that require other configure options. Tijnema
-- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
