[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: RPM roadmapping

From: Alexander Boström <abo kth se>
To: gilboad gmail com, Development discussions related to Fedora Core <fedora-devel-list redhat com>
Cc:
Subject: Re: RPM roadmapping
Date: Mon, 30 Jul 2007 18:35:30 +0200

mån 2007-07-30 klockan 16:51 +0300 skrev Gilboa Davara:

> I second the above.
> Running HTTP/FTP client as root is -not- a god idea.
> 
> Even if HTTP is being pushed to an external plugin that's built around
> wget, this plug must be executed as user/guest and not as root.

Yes, the principle of least privilege does apply here.

Though, I would worry more about the fact that rpm -ivh http://...
doesn't verify any signatures. It's a good idea to:

 wget http://...
 rpm -K foo.rpm
 Look at the result, and then maybe:
 rpm -i foo.rpm

(rpm -K && rpm -i won't do, since it'll say OK for unsigned packages,
IIRC)

Or, even:

 wget http://...
 yum localinstall foo.rpm

Which, in turn, might be possible to simplify?

/abo

Follow-Ups:
- Re: RPM roadmapping
  - From: Kevin Kofler
- Re: RPM roadmapping
  - From: Panu Matilainen

References:
- RPM roadmapping
  - From: Panu Matilainen
- Re: RPM roadmapping
  - From: Kevin Kofler
- Re: RPM roadmapping
  - From: seth vidal
- Re: RPM roadmapping
  - From: Arthur Pemberton
- Re: RPM roadmapping
  - From: Gilboa Davara

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]