On 01/01/2014 06:25 PM, Eliezer Croitoru wrote:
Hey John,
Thanks!
On 02/01/14 02:14, John R Pierce wrote:
Its the principle of least privilege.
You don't need to be root to compile software, or to test software in a local directory, you only need root privileges to install it to a system directory. When you're developing, building, testing software, there's a very good chance of something going wrong, so if you are running as a non-root user, the potential damages are minimized.
OK so as long as I can understand the meaning of compiling as non-root user is to be careful with your system.
I would say that my conclusion is that if there is a very big system it is better to let the root user which understand the meaning of this system and to operate it.
A simple testing machine which has error correction mechanism in it should be OK.
I can see couple issues from my mind and vision but it seems like most software in CentOS will be safe to be compiled as root user.(I am testing a tiny simple piece of software)
To corrupt a system in a level which it cannot be recognized that you have changed it you must be something like GOD or something in the same level.
Things like, if the RPM does not properly config the target during the build, instead of installing into $RPM_BUILDROOT and trying to package up the RPM, it might install it to /usr/lib/ accidentally, etc.
Some software is written poorly.
If we are talking CentOS / Red Hat / Fedora type packages then most of the time nowadays those SRPMs should be built inside of mock anyway to get a clean buildroot.