On Wed, Jun 18, 2008 at 01:29:23PM -0400, Loui <[EMAIL PROTECTED]> wrote: > > to sum up: we encourage users to run makepkg as root, because this way > > it can drop privileges as a separate user where makepkg can't do > > anything problematic. > > This is how aurbuild works, and I think someone patched srcpac to run > builds as nobody. I don't think it's something that should be part of > makepkg though. I'd try to keep makepkg itself as simple and straight > forward as possble.
ah, great. though i would suggest allocating a separate user for this purpose, like our fst or gentoo's portage user. i guess Arch uses nobody for webservers as well, so nobody has write access to forum attachements and such. ps: now if you call me paranoid, you are right. i *am* paranoid. :)
pgpUsvRNmN7xR.pgp
Description: PGP signature
_______________________________________________ pacman-dev mailing list pacman-dev@archlinux.org http://archlinux.org/mailman/listinfo/pacman-dev
