Date: Fri, 2 Jul 110 11:26:09 -0700 (PDT) From: Jim Dennis <jimd@mistery.mcafee.com> To: tcg@ime.net Cc: fqueries@jraynard.demon.co.uk, dwhite@resnet.uoregon.edu, questions@FreeBSD.org Subject: Re: src tree owners Message-ID: <201007021826.LAA23381@mistery.mcafee.com> In-Reply-To: <31D9552A.2988@ime.net> from "Gary Chrysler" at Jul 2, 96 12:58:18 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > James Raynard wrote: > > > > Is it safe to chown the src tree so one can use it without > > > > having to be su. > > > > Is there a `proper` way for this? > > > Why? You have to be su to write to anything in there by default (and I > > > know this from many personal experieneces forgetting to su to root before > > > editing my kernel config :-). > > Erm, perhaps that was why he was asking? :-) > > Thanks James.. :) > > > In any event, you have to be root to be able to *install* anything > > you've built from the source tree, so there doesn't seem to be a great > > deal of point in changing it. > > Yes, I understand the need to be root for install. No problem. > But what about general editing of the source. > I would like to make it so *I* don't have to su. > It's very anoying to get into tweaking a source file, Go to save > and it pops up `Read Only`! > > I know, su'ing first will solve that problem.. :) > > > On Unix, the `proper` way is for configuration files to be owned by > > root - it's not a good idea to allow just anybody to change them! > > I Agree! My question was/is about the Source tree! You might consider simply adding yourself to the 'bin' group (and setting the SGID bit on the directories). The default configuration seems to leave the sources g+w and owned by root.bin. In a multi-user environment you should consider installing tripwire and being particularly careful to monitor it for source tree changes. Anyone who can get a simply change into any source file -- and get 'root' to build it can effectively take control of the entire system. (This is true of the system binaries as well -- but more insidious). > -Enjoy > Gary > ~~~~~~~~~~~~~~~~ > Improve America's Knowledge... Share yours > The Borg... Where minds meet > (207) 929-3848
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201007021826.LAA23381>