Re: Request for Review: dhcp-forwarder, dietlibc, ip-sentinel, util-vserver + xca

[Michael Schwendt <bugs michael gmx net>]

On Wed, 30 Mar 2005 18:45:37 +0200, Enrico Scholz wrote:

> >> > BuildRoot:      %_tmppath/%name-%version-%release-buildroot
> >> > The prevered value is
> >> > "%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)" 
> >> 
> >> There is no big difference except the '%(%{__id_u} -n)' which does not
> >> make much sense but adds complexity and gives a false feeling about
> >> security. You have always a race between
> >
> > If memory serves correctly, the %__id_u thing was not for added
> > security, but a somewhat sane default for multi-user environments
> 
> "multi-user environments" implicates security measures.

The obvious thing it does is to choose a different built root for every
user. You don't even know whether the users are trusted or not. If it's a
multi-user environment with untrusted users, overriding build root in
~/.rpmmacros would add security on a per-user basis.