1 |
Nikos Chantziaras wrote: |
2 |
> On 09/11/2010 11:49 PM, Dale wrote: |
3 |
>> Nikos Chantziaras wrote: |
4 |
>>> On 09/11/2010 11:35 PM, Dale wrote: |
5 |
>>>> Alan McKinnon wrote: |
6 |
>>>>> Apparently, though unproven, at 11:46 on Saturday 11 September 2010, |
7 |
>>>>> Albert |
8 |
>>>>> Hopkins did opine thusly: |
9 |
>>>>> |
10 |
>>>>>> On Sat, 2010-09-11 at 10:24 +0200, Stéphane Guedon wrote: |
11 |
>>>>>>> few months ago, I read linux kernel in a nutschell(sic), and the |
12 |
>>>>>>> author |
13 |
>>>>>>> wrote we shouldn't do kernel operations (config and build) as root. |
14 |
>>>>>> I call bullsh*t. I've been compiling kernels for 17 years and for |
15 |
>>>>>> the |
16 |
>>>>>> most part have done it as root without any problems. |
17 |
>>>>> Same here. |
18 |
>>>>> |
19 |
>>>>> The root user (sometimes portage) creates /usr/src/linux-* |
20 |
>>>>> |
21 |
>>>>> Someone tell me again exactly how user alan is supposed to build |
22 |
>>>>> those |
23 |
>>>>> sources? |
24 |
>>>>> |
25 |
>>>> |
26 |
>>>> If they are accessible by a user, couldn't a user then edit or add |
27 |
>>>> something that would then cause a security problem? If they can edit |
28 |
>>>> them and no one know it, then root comes along and builds a shiney new |
29 |
>>>> kernel with a really nice security hole. |
30 |
>>>> |
31 |
>>>> Glad only root can get to the sources. ;-) |
32 |
>>> |
33 |
>>> No, any user can't edit them; only the user you assign the files to. |
34 |
>>> If you assign them to root, only root can edit them. If you assign |
35 |
>>> them to kerneluser, only kerneluser can edit them. |
36 |
>>> |
37 |
>>> This is Unix 101 :) |
38 |
>>> |
39 |
>>> |
40 |
>> |
41 |
>> My point was, if the sources are say in the user group, then any user |
42 |
>> can edit them? Right now, they are in the root group and owned my root |
43 |
>> which for security reasons is a good idea. That way a regular user can't |
44 |
>> edit or modify the kernel sources. |
45 |
> |
46 |
> The group can only write if the files have the group write permission |
47 |
> set. Still in Unix 101 domain, hehe :) |
48 |
> |
49 |
|
50 |
I know that. Why would a person want anyone BUT root to be able to |
51 |
access and change the kernel sources? Lets see if asking it this way |
52 |
makes more sense. lol |
53 |
|
54 |
Dale |
55 |
|
56 |
:-) :-) |