On Saturday 13 January 2007 05:17, Georgi Georgiev wrote:
>
> Something similar could be done about userpriv. Another red letter
> indicating that a package will compile as root (and the user is free to
> go ahead or abort as they see fit). The letter can be green if userpriv
> is not in FEATURES.
>
> The problem I am having with RESTRICT=userpriv is that it is *silent*
> about what it does. If there were some indication I would have been
> happy. Anyone else feel the same way?
I think you should understand that as a security measure neither the sandbox nor userpriv has any value. userpriv is only used during compilation (and as the portage user, which might not be the most secure option). The sandbox only works for dynamically linked applications. Userpriv does not work during the install phase (when things need to be done as root). The sandbox is trivially circumvented by unsetting LD_PRELOAD.

Now understand the trust placed into the hands of the developers.

Paul

-- 
Paul de Vrieze
Gentoo Developer
Mail: [EMAIL PROTECTED]
Homepage: http://www.devrieze.net
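The two limits Paul names (the LD_PRELOAD-based sandbox reaches only dynamically linked programs, and it disappears as soon as LD_PRELOAD is unset) can be turned into a concrete check. The Python below is an added example, not code from this thread or from Gentoo's sandbox package. It reads an ELF image's program headers and treats the presence of PT_INTERP as "the dynamic loader runs for this binary", which is the only case in which LD_PRELOAD is honoured; it then looks for the sandbox library in the environment's LD_PRELOAD. The library name libsandbox.so, the sample environments and the minimal ELF images built for the test are all constructed for this example.

```python
import struct

# Program header types from the ELF spec. PT_INTERP names the program
# interpreter (ld.so); without it, no dynamic loader runs and LD_PRELOAD
# is never consulted, so a preload-based sandbox cannot attach.
PT_LOAD = 1
PT_DYNAMIC = 2
PT_INTERP = 3

# Assumed name of the preload library; adjust for the sandbox in use.
SANDBOX_LIB = "libsandbox.so"


def program_header_types(elf: bytes):
    """Yield p_type of every program header in an ELF32/ELF64 image."""
    if len(elf) < 52 or elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    ei_class, ei_data = elf[4], elf[5]
    endian = "<" if ei_data == 1 else ">"
    if ei_class == 2:           # ELF64: e_phoff at 32, e_phentsize/e_phnum at 54/56
        (e_phoff,) = struct.unpack_from(endian + "Q", elf, 32)
        e_phentsize, e_phnum = struct.unpack_from(endian + "HH", elf, 54)
    elif ei_class == 1:         # ELF32: e_phoff at 28, e_phentsize/e_phnum at 42/44
        (e_phoff,) = struct.unpack_from(endian + "I", elf, 28)
        e_phentsize, e_phnum = struct.unpack_from(endian + "HH", elf, 42)
    else:
        raise ValueError("unknown ELF class %d" % ei_class)
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + 4 > len(elf):
            raise ValueError("program header %d lies outside the image" % i)
        # p_type is the first 32-bit field of a program header in both classes.
        yield struct.unpack_from(endian + "I", elf, off)[0]


def is_dynamically_linked(elf: bytes) -> bool:
    """True when the kernel will start ld.so for this binary (PT_INTERP present).

    A static-pie binary carries PT_DYNAMIC but no PT_INTERP; it relocates
    itself and never loads LD_PRELOAD, so PT_DYNAMIC alone is not enough.
    """
    return PT_INTERP in set(program_header_types(elf))


def preload_entries(env: dict):
    """LD_PRELOAD entries; glibc accepts colon- or whitespace-separated lists."""
    return env.get("LD_PRELOAD", "").replace(":", " ").split()


def preload_sandbox_applies(elf: bytes, env: dict, lib: str = SANDBOX_LIB) -> bool:
    """Would an LD_PRELOAD sandbox intercept calls made by this process?"""
    if not is_dynamically_linked(elf):
        return False
    return any(entry.rsplit("/", 1)[-1] == lib for entry in preload_entries(env))


def build_elf64(ptypes):
    """Constructed test image: an ELF64 header plus program headers, no code."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    header = ident + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, 0, 64, 0, 0, 64, 56, len(ptypes), 0, 0, 0)
    phdrs = b"".join(struct.pack("<IIQQQQQQ", t, 5, 0, 0, 0, 0, 0, 0) for t in ptypes)
    return header + phdrs


# Constructed samples: a normal dynamic executable and a static one.
DYNAMIC_BIN = build_elf64([PT_LOAD, PT_INTERP, PT_DYNAMIC])
STATIC_BIN = build_elf64([PT_LOAD])

if __name__ == "__main__":
    sandboxed = {"LD_PRELOAD": "/usr/lib/libsandbox.so"}
    for name, img in (("dynamic", DYNAMIC_BIN), ("static", STATIC_BIN)):
        print(name, "with LD_PRELOAD:", preload_sandbox_applies(img, sandboxed))
        print(name, "LD_PRELOAD unset:", preload_sandbox_applies(img, {}))
```

Both failure modes from the post show up directly: the static image returns False no matter what LD_PRELOAD says, and the dynamic image returns False the moment the variable is gone, which is all a build step needs to do to escape the sandbox. To run it against a real build tree, pass `open(path, "rb").read()` and `dict(os.environ)`.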