On Wed, Jun 18, 2008 at 06:02:37PM +0200, Miklos Vajna wrote:
but as long as this is not the case, running makepkg as root or _any other valuable user_ makes no sense.
i think this is a point many makepkg users miss: for example if the buildscript has 'rm -rf ~' in build(), then it's possible that the problem will be bigger if you run it as your own user!
Yeah I agree there. Losing my user data would be just as catastrophic as losing the entire system, yet makepkg does nothing to protect against that. I still run builds as a regular user occasionally though.
to sum up: we encourage users to run makepkg as root, because this way it can drop privileges as a separate user where makepkg can't do anything problematic.
This is how aurbuild works, and I think someone patched srcpac to run builds as nobody. I don't think it's something that should be part of makepkg though. I'd try to keep makepkg itself as simple and straightforward as possible.