Re: World writable tarballs

From: Joshua Hudson
Date: Sun Apr 30 2006 - 12:32:37 EST

Next message: masouds: "[BUG] VIA quirk fixup failure after 2.6.17-rc3"
Previous message: Alistair John Strachan: "Re: [discuss] [RFC] make PC Speaker driver work on x86-64"
In reply to: Matthew Reppert: "Re: World writable tarballs"
Next in thread: Valdis . Kletnieks: "Re: World writable tarballs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Isn't it just an extra ten seconds to type the 'sudo' in front of 'make
modules_install' and enter your password? I guess I totally don't get
it.

No sudo.
Besides, the next command after make modules_install is mount.

Besides, if it weren't the fact that the tarball has world-writable files, this
would be more secure than compiling as a normal user. Instead of just
hijacking some user account, they now have to do that followed by
somehow getting my root password.

I disallowed password authentication for root over ssh some time ago.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: masouds: "[BUG] VIA quirk fixup failure after 2.6.17-rc3"
Previous message: Alistair John Strachan: "Re: [discuss] [RFC] make PC Speaker driver work on x86-64"
In reply to: Matthew Reppert: "Re: World writable tarballs"
Next in thread: Valdis . Kletnieks: "Re: World writable tarballs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]