Leonard den Ottolander wrote:
> Hello Nico,
>
> On Thu, 2010-12-16 at 15:20 -0500, Nico Kadel-Garcia wrote:
>> On Thu, Dec 16, 2010 at 11:00 AM, Leonard den Ottolander
>> > /usr/src/redhat and sub dirs are owned root.root. If you want to build
>> > as a normal user (and you should!) you should fix the ownership of
>> > those directories.
>>
>> NO. Never do this.
>
> Why would that be a problem?
One possibility: suppose someone cracks in as the user that owns those
directories. They could then install whatever they want in there... and
the next time you built and installed something, it could carry their
payload.
mark