Slosh wrote:
On Wed, 2004-05-19 at 18:50, Col wrote:
Christopher Sawtell wrote:
On Wednesday 19 May 2004 17:35, Don Gould wrote:
Why shouldn't I compile as root?Because one day, either directly, or indirectly using a Trojan of some kind, somebody is going to attempt to do something nasty to your machine. Indeed that person may, accidentally, be you. If you run their hidden program as root they will get root and have control of your machine. If they are nice they will only persuade you to run 'rm -rf /' ( Why don't you try it? :-) and all you will have to do is to reload the file-set, complete with the invisible trojan, from backup. On the other hand they may well have a much more insidious criminal intent, and you will end up attempting to explain to a very suspicious Mr. Plod that you did not do what you appear to have done. As a minimum, you'll end up having to find several thousand Reserve Bank purchasing tokens to pay for the excess ip traffic.
On the other hand if you have only user privileges they can only damage that which is in your home directory. The Linux system itself is unharmed.
For more comprehensive explanations see what Google has to say on the matter:-
http://www.google.co.nz/linux?q=%22compile+as+root%22&hl=en&lr=&ie=UTF-8&start=0&sa=N
IOW: Just don't do it. EVER, or read mail, or do the IRC thing, as root.
Is there a way to avoid this then?
$ emerge -u world emerge: root access required.
Cheers
Col.
This is something nifty someone showed me a while ago that most people here probably already know about, so I'll get here first :D.
I usually just run as a normal user and then use
$ su -c "<some command>"
when I need to do something as root. It will run just the command inside
the "". Unfortunately it doesn't support auto-completion inside the
quotation marks.
True, but emerge is still going to compile the gentoo updates as root.
Col.
