Re: su in debian.rules
From: "Mark W. Eichin" <eichin@cygnus.com>
> As I've commented before, there is no real excuse for needing root to
> create packages.
What you are proposing is to have a program on the system that a
non-privileged user runs to create an archive that contains files
that appear to have been written by a privileged user, and will indeed
become privileged when they are extracted. OK, I admit that any user
can write a program like that, but that does not mean we have to
deliver it into their hands.
Yes, I know it's not good system management practice to become root
when you don't strictly need to be root, but I think you may be taking
this to an extreme. The solutions to this problem are more complicated
than the status quo, and present their own new security problems. I'd
prefer a solution that makes building packages simpler, not more
difficult. Right now I can let the upstream makefile change the UIDs
and permissions for me. I don't have to store what it did in a separate
database to be applied in the future.
> (Do you really think gcc has been "audited" with the intention of being
> run as root?)
What programs _have_ been audited? Are we perhaps getting way ahead of
that issue?
Do feel free to solve this problem, but I would not want to be compelled
to use your solution or even to install that sort of tool on my system.
Thanks
Bruce
--
Bruce Perens <Bruce@Pixar.com> Pixar Animation Studios
Toy Story: > US$177M domestic box office receipts and an Oscar so far.
Reply to: