From: Daniel J. <dan...@gm...> - 2010-08-13 21:17:22
|
On Apr 14, 2010, at 10:38 AM, Max Horn wrote: > > Am 14.04.2010 um 03:57 schrieb JF Mertens: > >> Max Horn <max <at> quendi.de> writes: >> >>> 2) Are there any particular reasons why this isn't the default by now >>> in general? >> >> Breaks ccache as is _ > > Can you elaborate a bit in how far this breaks ccache? I use ccache and ccache-default and so far never had issues with --build-as-nobody. > > >> and it might be a much worse security risk >> to make ccache dirs writeable by nobody than whatever would be gained . > > Making ccache dirs readable for nobody would of course be a very bad thing, but I don't quite see how this relates, as "build as nobody" really builds as "fink-bld" (at least when passwd is installed), so if one wants to use ccache with this option, one just has to set it up for fink-bld and make sure that no non-admin can sniff files owned by fink-bld, which seems to be a good idea anyway. > >> In principle, it should suffice to run a pkg this way once, before committing > > This is true if and only if *every* packages is checked this way before committing, I think. And the only way to ensure that seems to be to make it default... so... :). > >>> As it is, I just always add this when building stuff, unless I forget... >> >> I never did, till today _ that's how I noticed the above .. > > See, another reason to make it default -- I am sure many other people like you never use --build-as-nobody, and are maybe not even aware of it :) I've just put a patch up on the tracker that makes --build-as-nobody the default. I used BuildAsNobody: false as a new field that packages can use to override the setting, and --no-build-as-nobody can also be used. I know for a fact that tar and fink itself need BuildAsNobody: false. :) We still need to decide what to do about passwd, though. Here's the link: https://sourceforge.net/tracker/?func=detail&aid=3044604&group_id=17203&atid=317203 Daniel |