[users] Request and a bug: gksu

Todd And Margo Chester toddandmargo at gmail.com
Fri Jun 10 23:11:10 CEST 2011


On 06/09/2011 09:29 AM, Yury V. Zaytsev wrote:
> On Thu, 2011-06-09 at 09:14 -0700, Todd And Margo Chester wrote:
>>     Follow up question: if I were to skip the RPM process and just compile
>> the app from the/a tar ball, would that remove your security concerns?
> If you manage to do it properly, then mostly yes. Indeed, bigger part of
> the issues are caused by running binaries on a system that they were not
> compiled for (be it older or newer).
>
> You can still screw up on many occasions, i.e. install the application
> that was compiled from source into the directory tree that is controlled
> by the package manager.
>
> This actually sometimes happens even when you did everything correctly,
> for instance when there is a bug / hardcoded path somewhere in the build
> system that causes make install to ignore the prefix for some files,
> which is why software is never to be compiled or installed as root.
Thank you.
-T



More information about the users mailing list