On Monday 03 September 2007 10:40:39 William Xu wrote:
> > It's more than that. It's the portage *BUILD*DIRECTORY* (which just
> > happens to be short-lived, not temp), that's where all your merges are
> > built. Just like you don't want to give just anyone the ability to
> > overwrite your binaries in /bin, you also don't want to give just
> > anyone the ability to overwrite the same binaries while they are being
> > built.
>
> But I think giving group and others proper read and execute access is
> safe enough. Like everybody can read things under /bin.

The problem is that during unpack and compile the permissions on the files in
the work dir could be anything depending on the permissions inside the tarball
the files might come from or depending on the build scripts (which may be run
as root)...

E.g. if you get access to even enter the work dir during unpack and the
unpacked files are world writeable then you can modify the build scripts
before they get chmod'ed by portage at the end of the unpack and allow
arbitrary code to be run later during the build as root...

-- 
Bo Andresen
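
Added example, not part of the original message and not portage's own code: a check for the condition described above, where a tarball carries group- or world-writable modes into the work dir, together with an unpack that keeps the directory private (0700) and drops those write bits as each file is written. The sample archive, function names and paths are constructed for illustration.

```python
import io, os, stat, tarfile, tempfile

WRITE_BITS = stat.S_IWGRP | stat.S_IWOTH  # group/other write

def build_sample_tarball():
    """Constructed sample: a tarball whose build script is stored mode 0777."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, mode in (("pkg-1.0/configure", 0o777), ("pkg-1.0/README", 0o644)):
            data = b"#!/bin/sh\necho configuring\n"
            info = tarfile.TarInfo(name)
            info.mode, info.size = mode, len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def risky_members(tar_bytes):
    """List (name, mode) of members the archive marks group- or world-writable."""
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        return [(m.name, m.mode & 0o7777) for m in tar.getmembers()
                if m.mode & WRITE_BITS]

def unpack_private(tar_bytes, parent):
    """Unpack into a fresh 0700 directory, dropping group/other write bits."""
    workdir = tempfile.mkdtemp(dir=parent)  # created 0700: nobody else can enter
    old_umask = os.umask(0o077)             # implicit parent dirs stay private too
    try:
        with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
            for m in tar.getmembers():
                parts = m.name.split("/")
                if not (m.isfile() or m.isdir()) or m.name.startswith("/") or ".." in parts:
                    continue                # skip links, devices, path escapes
                m.mode &= 0o7777 & ~WRITE_BITS
                tar.extract(m, workdir)
    finally:
        os.umask(old_umask)
    return workdir

def world_writable(root):
    """Relative paths under root that any local user could modify."""
    hits = []
    for d, dirs, files in os.walk(root):
        for n in dirs + files:
            p = os.path.join(d, n)
            if os.lstat(p).st_mode & stat.S_IWOTH:
                hits.append(os.path.relpath(p, root))
    return sorted(hits)
```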

