1 |
Alan McKinnon wrote: |
2 |
> Apparently, though unproven, at 11:46 on Saturday 11 September 2010, Albert |
3 |
> Hopkins did opine thusly: |
4 |
> |
5 |
> |
6 |
>> On Sat, 2010-09-11 at 10:24 +0200, Stéphane Guedon wrote: |
7 |
>> |
8 |
>>> few months ago, I read linux kernel in a nutschell(sic), and the author |
9 |
>>> wrote we shouldn't do kernel operations (config and build) as root. |
10 |
>>> |
11 |
>> I call bullsh*t. I've been compiling kernels for 17 years and for the |
12 |
>> most part have done it as root without any problems. |
13 |
>> |
14 |
> Same here. |
15 |
> |
16 |
> The root user (sometimes portage) creates /usr/src/linux-* |
17 |
> |
18 |
> Someone tell me again exactly how user alan is supposed to build those |
19 |
> sources? |
20 |
> |
21 |
> |
22 |
|
23 |
If they are accessible by a user, couldn't a user then edit or add |
24 |
something that would then cause a security problem? If they can edit |
25 |
them and no one know it, then root comes along and builds a shiney new |
26 |
kernel with a really nice security hole. |
27 |
|
28 |
Glad only root can get to the sources. ;-) |
29 |
|
30 |
Dale |
31 |
|
32 |
:-) :-) |