rpm-4.2.2 should refuse to build as root
Michael Dickson
mike.dickson at earthlink.net
Wed Dec 31 18:14:29 UTC 2003
> Warren Togami wrote:
>
> > Proposal
> > ========
> > rpm-4.2.2 in rawhide and all future versions should refuse to install
> > SRPMS & build packages as root by default. Optionally add a .rpmmacro
> > option to re-enable it, but only mention that option for advanced users
> > on rpm.org to really discourage its use.
This is creeping featurism. Security policies should be enforced
through a seperate mechanism (like SELinux which has been suggested) and
not new options or switches in programs.
Mike
More information about the devel
mailing list