| 1 |
On Fri, Jan 12, 2007 at 10:46:36PM +0000, Stephen Bennett wrote: |
| 2 |
> > On Sat, 2007-01-13 at 00:53 +0900, Georgi Georgiev wrote: |
| 3 |
> > They have to be able to read /usr/games/lib. |
| 4 |
> In which case adding the portage user to the games group seems overall |
| 5 |
> to be a better solution than requiring root privileges to build. |
| 6 |
The problem then is that when sandbox is not used (no |
| 7 |
FEATURES=usersandbox), the portage user has too much access to the games |
| 8 |
stuff in general. |
| 9 |
|
| 10 |
The vpopmail stuff has/has a similar issue (upstream is working on |
| 11 |
solving it via a different avenue at which point the problem will go |
| 12 |
away). |
| 13 |
|
| 14 |
There is a little bit of well-audited code that runs setgid vpopmail |
| 15 |
with privilege separation stuff. This is so that it can authenticate |
| 16 |
against a file that contains a password (for connecting to MySQL for |
| 17 |
user verification). However, if you need to link against it during the |
| 18 |
build process, you need to either be root, or be in the group with |
| 19 |
access to the file you are linking against. |
| 20 |
|
| 21 |
Putting the portage user into the special group would mean that somebody |
| 22 |
could steal the MySQL password - so do you RESTRICT=userpriv, or fail |
| 23 |
the build? |
| 24 |
|
| 25 |
-- |
| 26 |
Robin Hugh Johnson |
| 27 |
Gentoo Linux Developer |
| 28 |
E-Mail : robbat2@g.o |
| 29 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |
Archives