Proposal: rpm-4.2.2 should refuse to build as root
Paul Nasrat
pauln at truemesh.com
Wed Dec 31 13:53:08 UTC 2003
On Wed, Dec 31, 2003 at 02:42:00AM -1000, Warren Togami wrote:
> Proposal
> ========
> rpm-4.2.2 in rawhide and all future versions should refuse to install
> SRPMS & build packages as root by default. Optionally add a .rpmmacro
> option to re-enable it, but only mention that option for advanced users
> on rpm.org to really discourage its use.
I don't think it's rpm's role to enforce policy, and I would not be happy to
see this enforced in the program. The correct way for FC2 to enforce policy
restrictions is through selinux, although I'd need to have a sit down with the
docs and think but I'm pretty sure you could have a swbuild_r with appropriate
dir privs.
Paul
More information about the fedora-devel-list
mailing list