On Aug 8, 2020, at 14:07, David Naumann wrote:
> On 8/7/20, 7:07 PM, "Ryan Schmidt" wrote:
>
> On Aug 7, 2020, at 10:43, David Naumann wrote:
>
>> Dear Ryan,
>> thanks very much for helping. After deleting build/* it worked fine.
>> About macports user, I removed that since it's not necessary and I prefer to
>> minimize potential security vulnerabilities.
>
> Allowing MacPorts to use its own limited privilege user account improves
> security by minimizing the damage that a port installation could do.
>
> That makes sense to me. But I'd like to understand how that account's
> credentials are managed before I re-install that way. I looked in the
> MacPorts Guide under internals but didn't find anything about security. Is
> there some documentation?
>
I don't know. What do you mean by "how that account's credentials are managed"?
MacPorts creates the user account during MacPorts installation. As far as I
know, it does not have the ability for anyone to log into it. It is
unprivileged; it does not have permission to modify system files or those of
other users. MacPorts switches to this user to do port builds, so that they
cannot inadvertently (or maliciously) modify your system or user files.
