| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
On 07/05/2012 06:23 AM, Matthew Marlowe wrote: |
| 5 |
>> The Linux kernel should not and really must not be built as root. |
| 6 |
>> This is neither supported nor recommended nor tested by upstream. |
| 7 |
>> You may recall there was a kernel build system bug which ran -rf / |
| 8 |
>> which would be bad if you built as root. |
| 9 |
>> |
| 10 |
>> The administrator usually has a normal user account somewhere. Use |
| 11 |
>> that to build. |
| 12 |
>> |
| 13 |
> |
| 14 |
> Maybe it's just the sysadmin in me, and being used to logging into |
| 15 |
> hundreds of boxes where the only non-root accounts are dedicated to |
| 16 |
> specifics apps which have specific reasons to limit their security |
| 17 |
> access (nginx/etc), but the concept that simply compiling a kernel as |
| 18 |
> root being a dangerous operation -- seems twisted. From a system |
| 19 |
> reliability point of view, compiling a kernel should be something I |
| 20 |
> can do on all boxes when if needed and the only account that I can |
| 21 |
> ensure exists on all boxes is root. |
| 22 |
> |
| 23 |
> Still, I guess it makes sense from the perspective of the kernel |
| 24 |
> developers and we're stuck with that, although -- the gloating over |
| 25 |
> 'rm -rf' seems overdone. |
| 26 |
> |
| 27 |
> In any case, if we must go down this road..than the proper solution is |
| 28 |
> to treat the kernel like any other security sensitive app. Create a |
| 29 |
> new designated user for compiling kernels - call it 'kernel' and over |
| 30 |
> time we'll grow used to it being on all boxes. We can adjust our |
| 31 |
> automated kernel building scripts to su to the kernel user before |
| 32 |
> issuing make commands/etc and the makefile can terminate abnormally if |
| 33 |
> it detects it is being run from any other user than 'kernel'. |
| 34 |
> |
| 35 |
> |
| 36 |
portage already has a portage user which is used to build (or pretty |
| 37 |
much do) everything else if you set FEATURES="userpriv usersync |
| 38 |
usersandbox" so do we really need a kernel user to build the kernel? How |
| 39 |
about a kde user to build kde? I for one do not need a new user on my |
| 40 |
system every time I want to build something new. For all I care, build |
| 41 |
as nobody, but adding a kernel user is ridiculous. |
| 42 |
|
| 43 |
- -Zero |
| 44 |
|
| 45 |
-----BEGIN PGP SIGNATURE----- |
| 46 |
Version: GnuPG v2.0.19 (GNU/Linux) |
| 47 |
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ |
| 48 |
|
| 49 |
iQIcBAEBAgAGBQJP9Z6OAAoJEKXdFCfdEflKhMsQAIBaqxWhRzkRmdYGajqItyKV |
| 50 |
DHAIE6LyY9lQ08rHV8eWXi/lKjUamM22wRrvOiHg/z0Cwu1shHgQtsuxJZZ3bJ6W |
| 51 |
hkvNLMOEkUaGlWFwhwYfUKWXDgS01eJc7OAF63Vxfgq+F8kpdM5SajeAVh+6XRp6 |
| 52 |
ea2NB1ywmqChqXc5M/ZkA28Y2IzT8hyrdiqFG5n0d63W8vt39kTgBpNkrJvoBEbh |
| 53 |
s7Fpmli+RTlR8bGjYVyAuimUQfL3R+GulbI+5JEseVCzCs8VeoY/Ab0s0XctA+hx |
| 54 |
LRa1SzUG2rP8UjMoVZYFnxvVp0YX76t3b50qL+USyq0VDdEeoi4XzxMzVcKnkkb7 |
| 55 |
lBtlkp4IwsxC9NfDb2aYM5iStGo1nTSJ/nK6XIbl8ePYCh2iuq9mFFrZAURUUqpS |
| 56 |
hdd21VchpyC2exuvg1tImmddetiPE0aiwQUqAOVQEwIZ/ViWDdRCjkk7sN3y039A |
| 57 |
it/Ddr5DGe7P/TzPq2Q5mNlaonVbGrqz5dqObfky0oYzqHoRb06+PGq1fjNXWx/s |
| 58 |
WtqnaJHH86kol/AIsMpN/0FRQ2bGzDibG3VLezjklpmxczPqq9CQWuYzRqRw5q57 |
| 59 |
9/8LO7aPsEAIW/7+Y+pe2asTI1ZfUJIUsmDvQqZKA2oeJ3kqa4dtLyqv2bgfAi8R |
| 60 |
DAV8uC+2xbRFlas47b7F |
| 61 |
=NhiX |
| 62 |
-----END PGP SIGNATURE----- |
Archives