On 2010-08-12 18:10 +0200, Arthur Machlas wrote: > Isn't there a risk in granting user access to src, adm, and such if > ever your user account is compromised?
This depends on how the computer is used, I suppose. On personal desktops/laptops, giving intruders access to these groups is the least of your worries, because your private data are 1000 times more sensitive. > My uninformed opinion is that > it's a question of relative risk; the 'risk' involved in building > kernels as root, versus the risk involved in giving access to these > dirs and tools should your account become compromised. The kernel releases are cryptographically signed¹, and it is certainly a good idea to verify them before building and installing a kernel. Sven ¹ http://www.kernel.org/signature.html -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87y6cb4uhy....@turtle.gmx.de
