Date: Tue, 13 Nov 2007 18:50:39 -0800 From: Greg Minshall <minshall@acm.org> To: Garrett Cooper <youshi10@u.washington.edu> Cc: ports@freebsd.org, Doug Barton <dougb@freebsd.org>, Stefan Sperling <stsp@stsp.name> Subject: Re: [PATCH] portmaster with SU_CMD Message-ID: <20071114025039.7A6835DC5@gregtx.cliq.com> In-Reply-To: Your message of "Mon, 12 Nov 2007 10:24:19 PST." <47389A53.20207@u.washington.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
this died down while i was disconnected, and i don't want to fan flames, but two minor points: 1. the issue of how much of the time to run as root is one of personal preference (aesthetics, religion, if you prefer). a lot of people are happy having windows logged in as root up all the time; other people want to be root as little as possible. 2. if someone can hack my personal account, they can control the machine by setting up trapdoors (that probably i, at least, wouldn't notice until it was too late). that means 2 things: a) the security problems Garrett pointed out in being able to compile as non-root aren't really an issue, since, again, if they become me, it's all over. b) to a large extent, the security issues i might worry about leaving root windows on my machine aren't really an issue, because i leave *me* on my machine, and, again, if they become me, it's all over. (but, again, for *me*, it's mostly principle/aesthetics/religion [in addition to trying to protect the machine from my own fumble fingers].) all this without arguing for the portmaster changes one way or the other, as i don't know or use portmaster. cheers, Greg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071114025039.7A6835DC5>