[pacman-dev] [PATCH] Remove --asroot switch from makepkg.
louipc.ist at gmail.com
Wed Jun 18 13:29:23 EDT 2008
On Wed, Jun 18, 2008 at 06:02:37PM +0200, Miklos Vajna wrote:
> but as long as this is not the case, running makepkg as root or _any
> other valuable user_ makes no sense.
> i think this is a point many makepkg user miss: for example if the
> buildscript has 'rm -rf ~' in build(), then it's possible that the
> problem will be bigger if you run it as your own user!
Yeah I agree there. Losing my user data would be just as catastrophic as
losing the entire system, yet makepkg does nothing to protect against
that. I still run builds as a regular user occaisionally though.
> to sum up: we encourage users to run makepkg as root, because this way
> it can drop privileges as a separate user where makepkg can't do
> anything problematic.
This is how aurbuild works, and I think someone patched srcpac to run
builds as nobody. I don't think it's something that should be part of
makepkg though. I'd try to keep makepkg itself as simple and straight
forward as possble.
More information about the pacman-dev