[Slackbuilds-users] a general question about the SlackBuilds

Robby Workman rworkman at slackbuilds.org
Mon May 7 04:14:17 UTC 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Iskar Enev wrote:

> I friend of mine has brought up a question about the SlackBuilds and i 
> think he may be right.
> 
> The scripts, the way they are made by Patrick and by slackbuilds.org, 
> are supposed to be run as root. Running 'make install' as root could 
> pose security issues, at least - some sources with bad Makefiles could 
> place files outside $DESTDIR without the package builder be aware of it.


Doing *anything* as root can pose a security risk.  In fact, short of
auditing the source code (and even then, there's no guarantee), you
can never be sure that you're safe, regardless of the user under whose
account you run something.  Have a look at this:
http://www.openssh.org/txt/trojan.adv

In reference to placing things outside DESTDIR, well, it happens. :)
That's why I (and I'm guessing others) always test scripts using a
non-privileged user account first.  That's not to say that bad things
can't happen anyway, but it minimizes the risk.


> As user this problem can be avoided, but the script has to be "split" in 
> two parts - first, run as user, before the 'makepkg' command and second 
> one, run as root, where one changes the ownership and permissions of 
> files and  directories and runs 'makepkg.'
> 
> Of course there would be some problems - such script will require su or
> sudo, and if the 'make install' command creates some special ownership 
> the package builder has to fix it manually. Example for the latter - 
> mysql and the ownership of /var/lib/mysql.


Exactly.  In other words, doing it that way gives us the perception of
increased security (while the benefit is marginal at best) while
complicating things quite a bit.  As I see it, the introduces needless
complexity to the entire process while offering very little (if any)
positive benefit, so...


> I'm not aware if that has been discussed previously, or is considered as 
> a minor problem, but let me know of your opinion anyway.


Remember: simple is good!  :)

RW

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.3 (GNU/Linux)

iD8DBQFGPqeYjQG6fL2aiA4RAt6+AKCFU58a+/oaJg0UN937fgJONk3LnACfQYxO
HuqRck4l3gPNeEz5nDnXwSA=
=aTI0
-----END PGP SIGNATURE-----


More information about the Slackbuilds-users mailing list