At Thu, 16 Dec 2010 21:26:19 +0000 (GMT) CentOS mailing list centos@centos.org wrote:
On Thu, 16 Dec 2010, m.roth@5-cent.us wrote:
To: CentOS mailing list centos@centos.org From: m.roth@5-cent.us Subject: Re: [CentOS] Building packages using RPMBUILD
Leonard den Ottolander wrote:
Hello Nico,
On Thu, 2010-12-16 at 15:20 -0500, Nico Kadel-Garcia wrote:
On Thu, Dec 16, 2010 at 11:00 AM, Leonard den Ottolander
/usr/src/redhat and sub dirs are owned root.root. If you want to build as a normal user (and you should!) you should fix the ownership of those directories.
NO. Never do this.
Why would that be a problem?
One possibility: suppose someone cracks in as the user that owns those directories. They could then install whatever they want in there... and the next time you built and installed something, it could carry their payload.
That's a good point, bu if they get in as root, they can access any build branch they want to, under any user account.
If they get in as root, you are totally hosed and probably need to do a wipe and re-install.
Keith