On Thu, 01 Mar 2007 23:21:36 -0000, Dan Nicholson <[EMAIL PROTECTED]> wrote:
> On 3/1/07, Brian <[EMAIL PROTECTED]> wrote:
>> Please could someone spell out the reason for building software as an
>> unprivileged user? This is recommended in the BLFS book and elsewhere
>> (though not in LFS), but I can't find a full explanation.
>>
>> If running 'make' as root could (accidentally? maliciously?) trash my
>> system, doesn't the same apply when I have to run 'make install' as
>> root? Is there any qualitative difference in security risk?
>>
>> (The reason I'm asking, in case you're interested, is that I'm
>> automating the build using a simple bash script for each package, and
>> it would be simpler to run everything as root rather than having to
>> add 'sudo' to my system, which is the only other way I can see of
>> doing it.)
>
> You pretty much hit the nail on the head. In LFS, we don't have an
> unprivileged user in the chroot, so we do everything as root. In BLFS,
> though, the main idea is that you don't want to be root unless you
> absolutely have to be.
>
> I've heard of errors building as root such as with the kernel, but
> never seen it myself. I build everything as root for the same reason
> that to try to sanely drop and raise privileges from within a script
> is a big hassle.

<snip>

Yes, though I assume a script of the form:

    configure
    make
    sudo make install

would do the trick, but I was reluctant to add 'sudo' to my BLFS in case
that itself caused vulnerabilities if I configured it wrongly (I suppose
I could always remove it after it had done its job). Also, I wanted to be
sure I wasn't missing any other subtle reason not to build as root.

Thanks to everyone who replied to my query. I think for the moment I'll
go ahead and run scripts as root to construct my base system, and then
use 'su' when installing the odd additional package.