Re: [Chicken-users] Re: chicken-install should use sudo -v

[John Cowan]

Ivan Raikov scripsit:

>    I agree that chicken-install should not use sudo. The implicit
> invocation of sudo violates the principle of least astonishment, and
> presents a potential risk for users who do not understand the security
> implications of this approach. 

I don't see that using a switch which is not the default, and is
documented to invoke sudo, counts as "implicit invocation".  I'd call
that explicit invocation.

> The sudo mode is bad idea, has no precedent in similar systems, such
> as PLT Scheme and Hackage, and should not be used.

Every other system I know has separated build and install phases,
so you can explicitly run the install phase with elevated privilege.
In some cases, building and installing happen on different systems,
as in the typical use of apt-get and similar tools.

Unfortunately, in order to build a Chicken extension foo that depends
on extension bar, bar must be built *and installed* before foo can
be built.  So the alternative is to do building with elevated privilege
("sudo chicken-install foo bar") or to use the -s option, which at least
builds with only normal privilege.  A third alternative would be to break
up the process, to build bar, install bar with privilege, build foo, and
install foo with privilege, but this is very inconvenient for the user,
who currently doesn't even have to know the dependencies of extensions.

So please give me an idea of what you propose.
-- 
"The serene chaos that is Courage, and the phenomenon   address@hidden
of Unopened Consciousness have been known to the        John Cowan
Great World eons longer than Extaboulism."
"Why is that?" the woman inquired.
"Because I just made that word up", the Master said wisely.
        --Kehlog Albran, The Profit             http://www.ccil.org/~cowan