Proposal: rpm-4.2.2 should refuse to build as root
Ralf Corsepius
corsepiu at faw.uni-ulm.de
Wed Dec 31 17:08:59 UTC 2003
On Wed, 2003-12-31 at 16:09, Panu Matilainen wrote:
> On Wed, 31 Dec 2003, Chris Ricker wrote:
>
> > On Wed, 31 Dec 2003, Warren Togami wrote:
> >
> > > Proposal
> > > ========
> > > rpm-4.2.2 in rawhide and all future versions should refuse to install
> > > SRPMS & build packages as root by default. Optionally add a .rpmmacro
> > > option to re-enable it, but only mention that option for advanced users
> > > on rpm.org to really discourage its use.
> >
> > I disagree. Save your personal policy decisions for yourself -- don't make
> > them everyone's.
>
> Building rpm's as root IS incredibly bad idea which should be discouraged.
> Even worse when no buildroot is used - once you've seen a package
> which (re)moves stuff in /usr/lib during build...
IMO, it is a design flaw in rpm/rpmbuild/macros not to provide a safe
default for RPM_BUILD_ROOT
> I very much agree with Warrens proposal to simply disallow rpmbuild as
> root.
I am opposed to it. If a user is building rpms as root, he is working as
root and should be aware about the risks of working a root. If following
Warren's logic other tools like "rm" also should refuse to work as root.
However, I am not opposed to a warning about building as root.
> Even more, I'd like to see rpm *require* use of buildroot.
IMO, this is a different issue and should be addressed. I haven't tried
to, but I think providing a reasonable default in /usr/lib/rpm/macros
would be sufficient.
Ralf
More information about the devel
mailing list