Re: building 2.6.35

To: debian-user@lists.debian.org
Subject: Re: building 2.6.35
From: Sven Joachim <svenjoac@gmx.de>
Date: Thu, 12 Aug 2010 19:21:29 +0200
Message-id: <[🔎] 87y6cb4uhy.fsf@turtle.gmx.de>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] AANLkTikqRfH+fg3zvS3qYNPmFieSKPzEs0j-Sw_T=qkb@mail.gmail.com> (Arthur Machlas's message of "Thu, 12 Aug 2010 11:10:16 -0500")
References: <[🔎] 20100811213312.GD14317@dementia.proulx.com> <[🔎] 399638650.38733.1281620510281.JavaMail.root@md01.wow.synacor.com> <[🔎] AANLkTikqRfH+fg3zvS3qYNPmFieSKPzEs0j-Sw_T=qkb@mail.gmail.com>

On 2010-08-12 18:10 +0200, Arthur Machlas wrote:

> Isn't there a risk in granting user access to src, adm, and such if
> ever your user account is compromised?

This depends on how the computer is used, I suppose.  On personal
desktops/laptops, giving intruders access to these groups is the least
of your worries, because your private data are 1000 times more
sensitive.

> My uninformed opinion is that
> it's a question of relative risk; the 'risk' involved in building
> kernels as root, versus the risk involved in giving access to these
> dirs and tools should your account become compromised.

The kernel releases are cryptographically signed¹, and it is certainly a
good idea to verify them before building and installing a kernel.

Sven

¹ http://www.kernel.org/signature.html

Reply to:

References:
- Re: building 2.6.35
  - From: Bob Proulx <bob@proulx.com>
- Re: building 2.6.35
  - From: Stephen Powell <zlinuxman@wowway.com>
- Re: building 2.6.35
  - From: Arthur Machlas <arthur.machlas@gmail.com>

Prev by Date: Re: A question about rsync's behaviour
Next by Date: Re: building 2.6.35
Previous by thread: Re: building 2.6.35
Next by thread: Re: building 2.6.35
Index(es):
- Date
- Thread