
Re: [Ltib] How to use LTIB w/o root?


From: Grant Edwards
Subject: Re: [Ltib] How to use LTIB w/o root?
Date: Tue, 9 Jun 2009 09:19:44 -0500
User-agent: Mutt/1.5.19hg (2009-01-14)

On Tue, Jun 09, 2009 at 09:05:26AM +0100, Stuart Hughes wrote:

> I need to correct a misunderstanding.  LTIB needs you to set up
> sudo root access for rpm (to build an NFS mountable area with
> the devices, owners, permissions etc).  However you are only
> ever running as root during the install phase of rpm building.

Yes, I'm aware of that.

> Not only that, but there are many checks to make sure that
> ltib cannot write outside your project area.  Does that
> reassure you or do you still have concerns?

I'd still be more comfortable if root access wasn't required.
It seems to be something that's been managed by other build
systems (e.g. OE, uclinux-dist, buildroot) -- though I'm not
sure exactly how they do it.

> Note that on popular distros like Ubuntu a normal user is
> automatically enabled to run any command as 'sudo root' and
> that seems to be universally accepted.

Without a password?

> From my point of view there are 2 security issues running as
> root:
>
> 1/ Malicious access by unauthorised users.  I discount this
>    because whether you're root or not if you have physical
>    access to a machine, you can pull disks out or simply
>    reboot with 'init=/bin/sh' and do what you want anyway.

True.

> 2/ Accidental destruction, e.g. 'sudo rm -rf * /' (I
>    accidentally hit a space), or a program malfunctions.  In
>    the case of LTIB, there have so far never been any reports
>    of accidental deleting of files outside the project area.
>    I thought about this carefully and there are extensive 
>    safeguards in LTIB.  The code is there for you to check if
>    you like.

I'm more concerned about bugs in the install and post-install
scripts in the RPM spec files.  One presumes those are running
with root privileges?

> I am behind bitshrine.org.  It was set up to provide bulk
> storage as I don't think the Savannah project
> (http://savannah.nongnu.org/projects/ltib) would be the right
> place to stage the 12GB of download area.  Why are you
> paranoid? What do you fear?

I was just concerned because 

 1) I've had uniformly miserable experiences with development
    software from silicon vendors in the past.  That's the one
    thing in the industry that seems to have been a constant
    over the past 25 years.  I'd be rather hesitant to use LTIB
    if Freescale or NXP has any significant influence over the
    project.

    One presentation on LTIB I found was very explicit about
    how Freescale controls all of the packages and all packages
    have to be submitted to and approved by Freescale.  While
    that's OK for something used on an eval board, I don't
    think that's acceptable for production use.
    
 2) I could find no indication who owned bitshrine.org.  The
    whois results showed it to be a "hidden" registration (only
    the hosting company's name was available).

> LTIB is a completely open project.

Thank you for your reassurances.

-- 
Grant



