Scott D Yelich <[EMAIL PROTECTED]> writes:

> bingo.  Let's say I had your setup.  Fine, I type make and it uses "cc"
> ..  which, if it's sunpro, is better than gcc anyway,

That's a matter of opinion.

> but *if* I wanted to compile using gcc? How would I do that? I'd have to
> dig through the source until I found the "tricks" ...

I read the install file and noted that it talked about modifying lots of
files that started with conf-.  I thought "huh, wonder what all there is."
I did an ls conf-*, saw conf-cc and conf-ld, figured I'd better edit them,
and did.

It could stand a single line at the top of INSTALL, sure.

But if you actually read the make output after it fails:

( cat warn-auto.sh; \
echo CC=\'`head -1 conf-cc`\'; \
echo LD=\'`head -1 conf-ld`\' \
) > auto-ccld.sh

is kinda obviously pointing at the files to change, I'd say.

>> Don't create multiple UID 0 accounts.  You'll horribly regret it later.
>> Been there, done that.

> Why do people say this? What the hell does it matter?

 * You're allowing multiple access paths to what should be the most secure
   account on your system.  You now have *multiple* potentially
   compromised passwords rather than just one.  You have to check and
   maintain all of them.  Not good.

 * Stuff gets confused.  You already gave an example of that yourself.

 * You lose simple auditing.  Rather than checking for root logins, you
   now have to check for logins on a bunch of random accounts.

 * No one expects there to be multiple UID 0 accounts, since that's not
   the way a Unix system normally works.  So they do things under the
   assumption there's only one UID 0 account and you can get security
   holes that way.

 * Those extra accounts look like normal accounts but can't be dealt with
   via normal account management policies.  Real example (yes, this
   actually happened):  Someone was cleaning up after an employee who left
   the company and was using admintool to delete his accounts (yes, I
   know, first mistake...).  Deleted the UID 0 account.  Checked the box
   for "remove home directory" since it was the default.  Whoops.

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>
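
Added example, not part of the original message: a shell function for the auditing point in the list above, reporting every passwd entry other than the first root line whose UID field parses as 0. The function names audit_uid0 and sample_passwd and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Audit a passwd-format file for accounts sharing UID 0.
# Output: one finding per line, "<kind> <login>".

# Constructed sample data, not taken from any real system.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
# local admins
toor:x:0:0:second root:/root:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/sh
bobadm:x:00:0:Bob admin:/home/bob:/bin/sh
broken:x::100:no uid:/nonexistent:/bin/false
EOF
}

# audit_uid0 [file]   (default /etc/passwd; "-" reads standard input)
audit_uid0() {
    awk -F: '
        /^[ \t]*(#|$)/    { next }                      # comments, blank lines
        /^[+-]/           { next }                      # NIS compat lines, not local accounts
        NF < 7            { print "malformed", $1; next }
        $3 !~ /^[0-9]+$/  { print "malformed", $1; next }  # empty or non-numeric UID
        $3 ~ /^0+$/ {                                   # "0", "00", ... all parse as 0
            if ($1 == "root" && !seen_root++) next      # the one expected entry
            print "extra-uid0", $1                      # alias or duplicate root line
        }
    ' "${1:-/etc/passwd}"
}
```

Run it as `sample_passwd | audit_uid0 -` to see the findings for the constructed data, or as `audit_uid0` to check the local passwd file; accounts served from a directory service are not covered by reading the file.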
