1 |
Nikos Chantziaras wrote: |
2 |
> On 09/11/2010 11:35 PM, Dale wrote: |
3 |
>> Alan McKinnon wrote: |
4 |
>>> Apparently, though unproven, at 11:46 on Saturday 11 September 2010, |
5 |
>>> Albert |
6 |
>>> Hopkins did opine thusly: |
7 |
>>> |
8 |
>>>> On Sat, 2010-09-11 at 10:24 +0200, Stéphane Guedon wrote: |
9 |
>>>>> few months ago, I read linux kernel in a nutschell(sic), and the |
10 |
>>>>> author |
11 |
>>>>> wrote we shouldn't do kernel operations (config and build) as root. |
12 |
>>>> I call bullsh*t. I've been compiling kernels for 17 years and for the |
13 |
>>>> most part have done it as root without any problems. |
14 |
>>> Same here. |
15 |
>>> |
16 |
>>> The root user (sometimes portage) creates /usr/src/linux-* |
17 |
>>> |
18 |
>>> Someone tell me again exactly how user alan is supposed to build those |
19 |
>>> sources? |
20 |
>>> |
21 |
>> |
22 |
>> If they are accessible by a user, couldn't a user then edit or add |
23 |
>> something that would then cause a security problem? If they can edit |
24 |
>> them and no one know it, then root comes along and builds a shiney new |
25 |
>> kernel with a really nice security hole. |
26 |
>> |
27 |
>> Glad only root can get to the sources. ;-) |
28 |
> |
29 |
> No, any user can't edit them; only the user you assign the files to. |
30 |
> If you assign them to root, only root can edit them. If you assign |
31 |
> them to kerneluser, only kerneluser can edit them. |
32 |
> |
33 |
> This is Unix 101 :) |
34 |
> |
35 |
> |
36 |
|
37 |
My point was, if the sources are say in the user group, then any user |
38 |
can edit them? Right now, they are in the root group and owned my root |
39 |
which for security reasons is a good idea. That way a regular user |
40 |
can't edit or modify the kernel sources. |
41 |
|
42 |
Dale |
43 |
|
44 |
:-) :-) |