[CentOS] Building packages using RPMBUILD

Thu Dec 16 21:26:19 UTC 2010
Keith Roberts <keith at karsites.net>

On Thu, 16 Dec 2010, m.roth at 5-cent.us wrote:

> To: CentOS mailing list <centos at centos.org>
> From: m.roth at 5-cent.us
> Subject: Re: [CentOS] Building packages using RPMBUILD
> 
> Leonard den Ottolander wrote:
>> Hello Nico,
>>
>> On Thu, 2010-12-16 at 15:20 -0500, Nico Kadel-Garcia wrote:
>>> On Thu, Dec 16, 2010 at 11:00 AM, Leonard den Ottolander
>>>> /usr/src/redhat and sub dirs are owned root.root. If you want to build
>>>> as a normal user (and you should!) you should fix the ownership of
>>>> those directories.
>>>
>>> NO. Never do this.
>>
>> Why would that be a problem?
>
> One possibility: suppose someone cracks in as the user that owns those
> directories. They could then install whatever they want in there... and
> the next time you built and installed something, it could carry their
> payload.

That's a good point, bu if they get in as root, they can 
access any build branch they want to, under any user 
account.

Keith

-- 
In theory, theory and practice are the same;
in practice they are not.

This email was sent from my laptop with Centos 5.5