When building various packages from source, I'm a little unclear on
why I should or should not be root. I'm looking for input from folks
on this question, primarily from a security point of view, but all
comments are appreciated.
When I was first learning Linux, I did everything as root. Then I
read in various places "you don't need to be root to compile
something, just to install it. never compile as root". So that's
what I started doing. I had my normal user account owning the source
files, with write permission in /usr/local/src.
It makes sense to me to do as little as possible as root. At the
least, it means that if I fat-finger something the damage will be
contained. I image there are probably other issues I'm not aware of,
but always doing things with as few privilges as necessary seems like
a good idea.
Now I'm wondering if this is the 'right' way to do things. For things
like Apache, wouldn't it be safer if the source files were owned by
root rather than by me? Or doesn't it make any difference? On both
RedHat and Debian, /usr/local/src comes owned by root:root, and is
chmoded 755. That seems to say 'nobody but root should write here'.
What do y'all think?
alex
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)