also sprach Christian Jaeger <[EMAIL PROTECTED]> [2002.01.22.0111 +0100]: > Now you may say "don't build packages as root, use fakeroot instead". > Well I have always used it, and somehow thought I'm safe, but I'm > not: the permissions modes (like 4755) make it through to the real > filesystem, only the owner/group is faked. Thus I'm left with > binaries setuid *me* or setgid *my group* afterwards. That's only > slightly better than root, since I'm also the admin and once my > account is hijacked it's not far from being root.
why are your build directories accessible to the world? a simple chmod 0700 ~/deb/build fixes all these problems for me, and persistently... > It seems the only way around this (currently) is to compile packages > in a directory with 0700 permissions. and? what's so wrong with that? -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:" [EMAIL PROTECTED] "it appears that pl/i (and its dialects) is, or will be, the most widely used higher level language for systems programming." -- j. sammet
pgpboxEUQe5an.pgp
Description: PGP signature