1 |
On Fri, Jan 12, 2007 at 10:46:36PM +0000, Stephen Bennett wrote: |
2 |
> > On Sat, 2007-01-13 at 00:53 +0900, Georgi Georgiev wrote: |
3 |
> > They have to be able to read /usr/games/lib. |
4 |
> In which case adding the portage user to the games group seems overall |
5 |
> to be a better solution than requiring root privileges to build. |
6 |
The problem then is that when sandbox is not used (no |
7 |
FEATURES=usersandbox), the portage user has too much access to the games |
8 |
stuff in general. |
9 |
|
10 |
The vpopmail stuff has/has a similar issue (upstream is working on |
11 |
solving it via a different avenue at which point the problem will go |
12 |
away). |
13 |
|
14 |
There is a little bit of well-audited code that runs setgid vpopmail |
15 |
with privilege separation stuff. This is so that it can authenticate |
16 |
against a file that contains a password (for connecting to MySQL for |
17 |
user verification). However, if you need to link against it during the |
18 |
build process, you need to either be root, or be in the group with |
19 |
access to the file you are linking against. |
20 |
|
21 |
Putting the portage user into the special group would mean that somebody |
22 |
could steal the MySQL password - so do you RESTRICT=userpriv, or fail |
23 |
the build? |
24 |
|
25 |
-- |
26 |
Robin Hugh Johnson |
27 |
Gentoo Linux Developer |
28 |
E-Mail : robbat2@g.o |
29 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |