
Re: [Ltib] How to use LTIB w/o root?


From: Stuart Hughes
Subject: Re: [Ltib] How to use LTIB w/o root?
Date: Tue, 09 Jun 2009 09:05:26 +0100
User-agent: Thunderbird 2.0.0.16 (X11/20080707)

Hi Grant,

I need to correct a misunderstanding. LTIB needs you to set up sudo root access for rpm (to build an NFS mountable area with the devices, owners, permissions etc). However you are only ever running as root during the install phase of rpm building. Not only that, but there are many checks to make sure that ltib cannot write outside your project area. Does that reassure you or do you still have concerns?

Note that on popular distros like Ubuntu a normal user is automatically enabled to run any command as 'sudo root' and that seems to be universally accepted. From my point of view there are 2 security issues running as root:

1/ Malicious access by unauthorised users. I discount this because whether you're root or not if you have physical access to a machine, you can pull disks out or simply reboot with 'init=/bin/sh' and do what you want anyway.

2/ Accidental destruction, e.g. 'sudo rm -rf * /' (I accidentally hit a space), or a program malfunctions. In the case of LTIB, there have so far never been any reports of accidental deleting of files outside the project area. I thought about this carefully and there are extensive safeguards in LTIB. The code is there for you to check if you like.

I am behind bitshrine.org. It was set up to provide bulk storage as I don't think the Savannah project (http://savannah.nongnu.org/projects/ltib) would be the right place to stage the 12GB of download area. Why are you paranoid? What do you fear? LTIB is a completely open project.

Regards, Stuart

Grant Edwards wrote:
> On Tue, Jun 09, 2009 at 10:01:38AM +0800, Daniel Widyanto wrote:
> > I agree with you.
> > The current LTIB uses root account to keep the
> > cross-toolchain, downloaded package, git scripts, etc at /opt.
>
> Keeping that stuff somewhere else would be trivial.  The tricky
> part is creating the root filesystem image that contains things
> like device nodes and files belonging to root.  Still, all of
> the other embedded Linux frameworks seem to manage fine without
> root privileges.
>
> > I'm running it under Ubuntu with sudo, so its root privilege
> > is quite limited to /opt/ltib/usr/bin/rpm and /usr/bin/rpm
> > command.
>
> Right, but you can do a lot of damage with an RPM spec file.
>
> > The good thing is that you can run VirtualBox
> > (http://www.virtualbox.org) to run Ubuntu/Fedora on Windows
> > (or Linux). I've tried that, and works on me.
>
> I know I can do that, but I don't feel like I should have to. I
> just checked buildroot, and that doesn't require root either.
> Am I the only one who sees LTIB as an issue when evaluating
> Freescale parts?  If anybody from Freescale is listening: lack
> of support for a mainstream build system isn't helping the
> Power QUICC family any.  And I wasn't too impressed when the
> NXP FAE was in the other day flogging LTIB.  [In the NXP case,
> it turns out to be a moot point -- none of the NXP parts have a
> "ready" line for their external bus interface, so they can't
> talk to our peripherals anyway.]
>
> And who or what is "bitshrine.org"?  Is it just a Freescale
> sockpuppet?  I can't find a single shred of info on who's
> behind bitshrine.  Maybe I'm just paranoid...
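
An added illustration of the concern discussed in this thread (rpm's install phase running as root, and keeping its writes inside the project area): a heuristic check that flags commands in a spec file's build-time sections whose write target is not provably under the build root. This is not LTIB's code and does not reproduce LTIB's own safeguards; the function names, the command lists and the sample spec are assumptions made for the example.

```python
import re
import shlex

# rpm runs these build-time sections as shell; scriptlets (%pre, %post, ...) are out of scope here.
BUILD_SECTIONS = {"%prep", "%build", "%install", "%clean"}
OTHER_SECTIONS = {"%description", "%package", "%files", "%changelog", "%pre", "%post", "%preun", "%postun"}
BUILDROOT = re.compile(r"^(\$RPM_BUILD_ROOT|\$\{RPM_BUILD_ROOT\}|%\{buildroot\})(/|$)")
ALL_ARGS = {"rm", "rmdir", "mkdir", "touch", "chown", "chmod", "mknod"}  # every operand is a target
LAST_ARG = {"cp", "mv", "install", "ln"}                                # last operand is the target

def risky(target):
    """True unless the target is relative or under the build root, with no '..' component."""
    if ".." in target.split("/"):
        return True
    if BUILDROOT.match(target):
        return False
    return target[:1] in ("/", "$", "%")  # absolute path, or a variable/macro we cannot resolve

def audit_spec(text):
    """Return (line_number, section, target) for each suspicious write target."""
    findings, section = [], None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        head = line.split(None, 1)[0] if line else ""
        if head in BUILD_SECTIONS or head in OTHER_SECTIONS:
            section = head if head in BUILD_SECTIONS else None
            continue
        if section is None or not line:
            continue
        try:
            words = shlex.split(line, comments=True)
        except ValueError:  # unbalanced quotes: fall back to a plain split
            words = line.split()
        if not words:
            continue
        cmd = words[0].rsplit("/", 1)[-1]
        args = [w for w in words[1:] if not w.startswith("-")]
        targets = args[-1:] if cmd in LAST_ARG else args if cmd in ALL_ARGS else []
        findings += [(lineno, section, t) for t in targets if risky(t)]
    return findings

# Constructed sample spec fragment, not taken from LTIB.
SAMPLE = """\
%install
install -m 755 demo $RPM_BUILD_ROOT/usr/bin/demo
install -m 644 demo.conf /etc/demo.conf
cp -a data %{_datadir}/demo
rm -rf $RPM_BUILD_ROOT/../../home
"""
```

The check only looks at the first command on each line and does not follow pipelines, `make install` or macros, so a clean result narrows what needs manual review rather than proving a spec file safe.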




