Proposal: rpm-4.2.2 should refuse to build as root
Panu Matilainen
pmatilai at welho.com
Fri Jan 2 13:00:55 UTC 2004
On Wed, 31 Dec 2003, Alan Cox wrote:
> On Wed, Dec 31, 2003 at 05:09:39PM +0200, Panu Matilainen wrote:
> > Building rpm's as root IS incredibly bad idea which should be discouraged.
> > Even worse when no buildroot is used - once you've seen a package
> > which (re)moves stuff in /usr/lib during build...
>
> And you think that building it non root then running it as root is any safer ?
Of course not. But the way rpmbuild environment is set to /usr/src/redhat
does very little to discourage users from building as root when there's no
reason to do so.
>
> Also please remember FC2 goals include SELINUX so package building becomes
> a role if anything
You can make it into a role but I don't see much reason to do so:
package building doesn't require any special privileges (Makefiles
creating /dev entries etc not counting, those can be arranged by other
means)
- Panu -
More information about the fedora-devel-list
mailing list