View previous topic :: View next topic |
Author |
Message |
Saturation n00b
Joined: 29 Mar 2004 Posts: 65
|
Posted: Wed Sep 01, 2004 11:00 am Post subject: Why to unpack as user and not as root? |
|
|
I like to know why people recommend to unpack tarballs as user instead of unpacking them as root.
I am also wondering if I should unpack the kernel tarball from kernel.org as user or as root.
So what is the advantage and what user should I be when I am going to unpack the kernel tarball?
Thanks _________________ EVERYTHING you need to know to SECURE Linux |
|
Back to top |
|
|
toddg n00b
Joined: 08 Apr 2003 Posts: 11 Location: Harrisburg PA
|
Posted: Wed Sep 01, 2004 11:37 am Post subject: |
|
|
If you unpack a tarball as root, most of the time everything in the tarball has root permissions, so you'd have to chmod things so they could be run as a regular user. Not untarring them as root also encourages good security practice of not running things as root --- particularly questionable binaries. In fact, I tend to compile things as a regular user and only make install as root.
As for the kernel question... it doesn't matter too much, but I would stick with untarring as a regular user and doing everything but the actual bzImage install/modules install as a regular user.
hope that helps. |
|
Back to top |
|
|
Saturation n00b
Joined: 29 Mar 2004 Posts: 65
|
Posted: Wed Sep 01, 2004 1:56 pm Post subject: |
|
|
Thanks for the info toddg.
I have one more question. I am setting up a server and I have some packages that I am going to compile, but I don't want that an hacker sees the directories of these packages in my home directory when he get's access to the user account.
So I am thinking of creating them in a directory a normal user can't access. What would be the most secure? Should I unpack them in my home directory as a normal user whereafter I copy them to that unaccessible directory, or should I unpack them in that unaccessible directory as root? _________________ EVERYTHING you need to know to SECURE Linux |
|
Back to top |
|
|
Saturation n00b
Joined: 29 Mar 2004 Posts: 65
|
|
Back to top |
|
|
PowerFactor Veteran
Joined: 30 Jan 2003 Posts: 1693 Location: out of it
|
Posted: Wed Sep 01, 2004 11:16 pm Post subject: |
|
|
Well, I would unpack and compile as the normal user. Then after instalation delete the source tree or move it to the non-user-accessible location.
Though if a cracker manages to gain access to your user account you arent going to stop him from seeing what you've installed just by getting rid of the source trees. |
|
Back to top |
|
|
Saturation n00b
Joined: 29 Mar 2004 Posts: 65
|
|
Back to top |
|
|
|