| 1 |
Alan McKinnon wrote: |
| 2 |
> Apparently, though unproven, at 11:46 on Saturday 11 September 2010, Albert |
| 3 |
> Hopkins did opine thusly: |
| 4 |
> |
| 5 |
> |
| 6 |
>> On Sat, 2010-09-11 at 10:24 +0200, Stéphane Guedon wrote: |
| 7 |
>> |
| 8 |
>>> few months ago, I read linux kernel in a nutschell(sic), and the author |
| 9 |
>>> wrote we shouldn't do kernel operations (config and build) as root. |
| 10 |
>>> |
| 11 |
>> I call bullsh*t. I've been compiling kernels for 17 years and for the |
| 12 |
>> most part have done it as root without any problems. |
| 13 |
>> |
| 14 |
> Same here. |
| 15 |
> |
| 16 |
> The root user (sometimes portage) creates /usr/src/linux-* |
| 17 |
> |
| 18 |
> Someone tell me again exactly how user alan is supposed to build those |
| 19 |
> sources? |
| 20 |
> |
| 21 |
> |
| 22 |
|
| 23 |
If they are accessible by a user, couldn't a user then edit or add |
| 24 |
something that would then cause a security problem? If they can edit |
| 25 |
them and no one know it, then root comes along and builds a shiney new |
| 26 |
kernel with a really nice security hole. |
| 27 |
|
| 28 |
Glad only root can get to the sources. ;-) |
| 29 |
|
| 30 |
Dale |
| 31 |
|
| 32 |
:-) :-) |
Archives