[sbopkg-discuss] Re: Package ownership

T2F bkirkp at gmail.com
Wed Feb 11 01:41:07 UTC 2009 



On Feb 10, 6:45 pm, Chess Griffin <ch... at chessgriffin.com> wrote:
> * T2F <bki... at gmail.com> [2009-02-10 15:39:47]:
>
>
>
> > Can someone explain to me why sbopkg insists that the package belong
> > to root:root? I keep my sandbox with the rest of my data on a server
> > partition where the files are owned by bill:data & permissioned 664. I
> > have an hourly cron job that sees to the proper permissions. If I
> > build a package & install it immediately, I have no problems, but if I
> > go back later, for example to install it on my laptop, I have to
> > install from the command line. installpkg has no problems with
> > ownership, why should sbopkg?
> > Regards,
> > Bill
>
> Well, this was added to prevent a potential security risk since sbopkg
> had the capability of being run as a root or non-root user.  Howevever,
> this restriction may be eliminated as we are currently discussing
> removing the ability to run sbopkg as a non-root user and require it to
> be run as root only, just like pkgtool, slackpkg, etc.  In fact, I was
> going to post something here to the ML asking whether anyone really
> needed the ability to use sbopkg as a non-root user.  The current
> 'user-mode' in sbopkg is deficient in many ways, and causes problems
> such as this one you raise.
>
> In my opinion, I think sbopkg should be just like those other tools and
> require root permissions to run.  If that was the case, then I do not
> believe it would need to check for ownership or permissions of packages.
>
> In the meantime, if you want to comment out lines 1572-1576 in
> /usr/bin/sbopkg that will skip this check.
>
> --
> Chess Griffin
>
Hi, Chess,
Yep, I had found those lines, but haven't yet commented them out. Will
do so. I think requiring "root" to run is a good idea.
Regards,
Bill

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "sbopkg-discuss" group.
To post to this group, send email to sbopkg-discuss at googlegroups.com
To unsubscribe from this group, send email to sbopkg-discuss+unsubscribe at googlegroups.com
For more options, visit this group at http://groups.google.com/group/sbopkg-discuss?hl=en
-~----------~----~----~----~------~----~------~--~---

More information about the sbopkg-users mailing list