When building various packages from source, I'm a little unclear on  
why I should or should not be root.  I'm looking for input from folks  
on this question, primarily from a security point of view, but all  
comments are appreciated.

When I was first learning Linux, I did everything as root.  Then I  
read in various places "you don't need to be root to compile  
something, just to install it.  never compile as root".  So that's  
what I started doing.  I had my normal user account owning the source  
files, with write permission in /usr/local/src.

It makes sense to me to do as little as possible as root.  At the  
least, it means that if I fat-finger something the damage will be  
contained.  I image there are probably other issues I'm not aware of,  
but always doing things with as few privilges as necessary seems like  
a good idea.

Now I'm wondering if this is the 'right' way to do things.  For things  
like Apache, wouldn't it be safer if the source files were owned by  
root rather than by me?  Or doesn't it make any difference?  On both  
RedHat and Debian, /usr/local/src comes owned by root:root, and is  
chmoded 755.  That seems to say 'nobody but root should write here'.

What do y'all think?

alex
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss