maillog: 11/01/2007-17:02:48(+0000): Ciaran McCreesh types
> On Thu, 11 Jan 2007 11:56:09 -0500 Mike Frysinger <vapier@g.o>
> wrote:
> | On Wednesday 10 January 2007 20:01, Ciaran McCreesh wrote:
> | > On Wed, 10 Jan 2007 19:56:00 -0500 Mike Frysinger
> | > <vapier@g.o>
> | > | as stated in original e-mail, unattended/sandbox are just some
> | > | examples, not the only ones
> | >
> | > So which RESTRICT values *should* the user legitimately have to care
> | > about?
> |
> | On Wednesday 10 January 2007 16:40, Chris Gianelloni wrote:
> | > I am a user. I don't want any of my compiles executing with
> | > elevated privileges. I have FEATURES=userpriv. Package foo has
> | > RESTRICT=userpriv. I don't have ACCEPT_RESTRICT=userpriv. When I
> | > try to install package foo, it fails, because I don't want to allow
> | > RESTRICT=userpriv.
>
> Bogus argument. If an ebuild were truly doing something naughty with
> elevated privs, it could just do it in one of the pkg_ phases. Since
> userpriv isn't a security feature, there's no advantage for the end
> user in restricting based upon it.
>
> So again, which RESTRICT variables should the user legitimately have to
> care about?

I agree that if an ebuild wants to misbehave it can and there is no
stopping it. However, code that is executed in pkg_* is generally
restricted to code written by the person who is involved in maintaining
the ebuild. It is easy to read that code and see what it does. In
contrast, the stuff that is run with lowered privileges is usually coded
upstream. I'd like to have that run with lowered privileges, no matter
what.

--
/ Georgi Georgiev / As in certain cults it is possible to kill /
\ chutz@×××.net \ a process if you know its true name. -- \
/ http://www.gg3.net/ / Ken Thompson and Dennis M. Ritchie /