From: Duncan <1i5t5.duncan@cox.net>
To: gentoo-dev@lists.gentoo.org
Subject: [gentoo-dev] Re: [RFC] Enable userpriv by default? Support RESTRICT=userpriv? Interaction with prefix in EAPI 3?
Date: Sat, 12 Dec 2009 01:03:40 +0000 (UTC)
References: <4B22A759.1090509@gentoo.org> <1260571567.12483.0.camel@lillen.dodi>
User-Agent: Pan/0.133 (House of Butterflies)

Peter Hjalmarsson posted on Fri, 11 Dec 2009 23:46:07 +0100 as excerpted:

> On Fri 2009-12-11 at 12:11 -0800, Zac Medico wrote:
>> Should we enable FEATURES=userpriv by default? If we do that then do we
>> also need to support RESTRICT=userpriv? Maybe RESTRICT=userpriv should
>> not be supported on the grounds that it is never justified? What about
>> prefix support (in EAPI 3), which often doesn't have root privileges?
>
> That would be problematic for hardened, as they set the permission for
> /usr/src/* to root only.

Wouldn't setting it as its own user, say kernelcomp, and su/sudoing to that before dealing with the kernel sources, be better? Kernel docs have long said don't compile sources as root, tho obviously for installing them you normally need to be root.

FWIW, my (non-gentoo-related) kernel scripts use a non-root user, tho it's my normal admin user (not my user user) that has blanket sudo without password permission, but it could be a dedicated one just as easily. I'd expect hardened to be even more particular about compiling as root, tho I see why general access isn't allowed. But a dedicated user seems good.

Even if that's done, however, it'll take some time to update and test.

But it could be made the default before that, and hardened could set its own default elsewise.

-- 
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman
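As an added example (not from the thread, and not Portage's or hardened's own tooling), the shell below sketches the layout Duncan proposes: the kernel tree stays owned by root, a dedicated build group gets access, "other" gets nothing (hardened's concern), and only the install step runs as root. The user name kernelcomp comes from the thread; the group name, the exact mode bits required by the check, the fallback to BSD stat and the make targets are assumptions.

```bash
#!/bin/bash
# Added example, not code from the thread or from Gentoo: privilege-
# separated kernel build. "kernelcomp" is the user floated in the thread;
# the group name and the mode-bit policy below are assumptions.

BUILD_USER=${BUILD_USER:-kernelcomp}
BUILD_GROUP=${BUILD_GROUP:-kernelcomp}

# mode_ok MODE - MODE is the octal string printed by `stat -c %a`
# (e.g. 750 or 2750). Succeeds when "other" has no bits at all and the
# build group can at least read and traverse (r-x).
mode_ok() {
    local bits=$(( 0$1 ))            # leading 0 forces octal parsing
    local other=$(( bits & 7 ))
    local group=$(( (bits >> 3) & 7 ))
    [ "$other" -eq 0 ] && [ $(( group & 5 )) -eq 5 ]
}

# src_tree_ok DIR - check the top-level mode of a source tree.
src_tree_ok() {
    local dir=$1 mode
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 1; }
    # GNU stat first, BSD stat as a fallback (assumption: one of them exists).
    mode=$(stat -c '%a' "$dir" 2>/dev/null || stat -f '%Lp' "$dir") || return 1
    if ! mode_ok "$mode"; then
        echo "$dir is mode $mode; want no 'other' bits and group r-x" >&2
        return 1
    fi
}

# not_root UID - the compile step must never run with uid 0.
not_root() {
    [ "$1" -ne 0 ]
}

# prepare_tree DIR - run once as root: root-owned, group-writable, setgid
# directories so new files inherit the build group, nothing for "other".
prepare_tree() {
    local dir=$1
    chown -R "root:$BUILD_GROUP" "$dir" &&
    chmod -R o-rwx,g+rwX "$dir" &&
    find "$dir" -type d -exec chmod g+s {} +
}

# build_kernel DIR - compile as the build user, install as root.
build_kernel() {
    local dir=$1
    src_tree_ok "$dir" || return 1
    if not_root "$(id -u)"; then
        make -C "$dir" -j"$(nproc)" || return 1           # already unprivileged
    else
        sudo -u "$BUILD_USER" make -C "$dir" -j"$(nproc)" || return 1
    fi
    sudo make -C "$dir" modules_install install           # the only root step
}

# Usage: prepare_tree /usr/src/linux   (once, as root)
#        build_kernel /usr/src/linux   (as the admin user)
```

The check deliberately looks only at the directory's mode bits, not at who owns it: that is the property the hardened team enforces (no world access to /usr/src/*), and it is the one that a group-based build user must not weaken.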