[arch-general] makepkg running as root
Dan McGee
dpmcgee at gmail.com
Mon Jan 21 22:51:59 EST 2008
On Jan 21, 2008 9:42 PM, Aaron Griffin <aaronmgriffin at gmail.com> wrote:
>
> On Jan 21, 2008 9:33 PM, richard terry <rterry at gnumed.net> wrote:
> > Sometimes I build packages from AUR, and (obviously wrongly), do this as root.
> >
> > Today I got this message:
> >
> > ==> ERROR: Running makepkg as root is a BAD idea and can cause
> > permanent, catastrophic damage to your system. If you
> > wish to run as root, please use the --asroot option.
> >
> > Can someone explain.
>
> What's to explain that that message didn't already explain?
makepkg by default uses sudo/fakeroot to get things done, as building
a package never requires that you actually modify files on your real
system, but we do want the permissions to be set correctly inside the
built package. This removes the need to run makepkg as root and
reduces the security risk of a malicious PKGBUILD destroying your
system.
Just think of what this would do as root in a PKGBUILD:
build() {
echo "You've been pwned!!!"
rm -rf /
}
-Dan
More information about the arch-general
mailing list