safer 'install' task #61
may get high permission when installing change behavior to avoid dangerous building while installing now installation will never do building
'safe_config' will never recheck safer to be used in 'install'
Ok, I'll find a better solution to fix this problem in the next few days. Thanks. : )
I have found an example: if you run linuxbrew as root, linuxbrew will give a note then stop
$ sudo brew
W: be careful as root.
========================================================================
You may want to update following environments after installed linuxbrew.
PATH, MANPATH, INFOPATH
(example: /usr/share/doc/linuxbrew-wrapper/examples/profile)
========================================================================
Don't run this as root!
Ok, thanks for your advice. I am solving this problem, please wait some time. : )
You can try the latest commit 235bb96 from the dev branch first. And I will continue to improve some details in future.
Would you add a note displaying like brew?
Ok, I will add it.
I have added it for checking root. You can see the following tips:
$sudo xmake
I see. Good job! 🍺
This pull request is trying to fix a problem about security.
When installing something, users take it for granted to give the command higher permission. I think most users use 'sudo xmake install' instead of 'xmake install', because installing will put files into paths like /usr/local and root permission is required.
That is the problem. I found xmake will always build the target before installing even if it has been built before. And the building is a latent danger. For example, a bad man replaces the compiler like gcc, and while installing, the fake gcc will get root permission to do something bad.
There are two solutions to avoid this. One is to set permission lower by the process itself before actual installation. Another is to do the least things with high permission. My solution is to let task 'install' avoid building and use 'safe_config' which will not reconfig instead of 'config'. When users directly do task 'install' without building before, they will get a note to do building.
Also, apart from security, the build by root will generate result files with the wrong owner. On my computer, after installation, I couldn't even delete the 'build' dir without sudo.
My solution may not be perfect enough. Please do not merge easily. But the security problem must be fixed.
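The behaviour described in this pull request (install only copies files that are already built, and stops with a note when a target is missing) can be illustrated in shell. This is an added example, not xmake's code; the function names, the build directory layout and the PREFIX/bin destination are assumptions.

```shell
#!/bin/sh
# Added example (not xmake's code). Function names and paths are assumptions.

# Print a brew-style note when the given uid is 0. The uid is passed as an
# argument so the check can be exercised without actually being root.
# Returns 0 when the note was printed, 1 otherwise.
root_note() {
    if [ "$1" -eq 0 ]; then
        echo "note: running as root; only pre-built files are copied, nothing is built" >&2
        return 0
    fi
    return 1
}

# safe_install BUILDDIR PREFIX TARGET...
# Copies already-built targets into PREFIX/bin. It never invokes a compiler
# or any other build tool, so a replaced compiler found through PATH is
# never executed with the installer's privileges.
safe_install() {
    builddir=$1
    prefix=$2
    shift 2

    # Pass 1: every target must already exist. Stop before touching PREFIX
    # if any is missing, so a partial install cannot happen.
    for t in "$@"; do
        if [ ! -f "$builddir/$t" ]; then
            echo "error: '$t' is not built; build as a normal user first, then install" >&2
            return 1
        fi
    done

    # Pass 2: plain file copies with a fixed mode.
    install -d "$prefix/bin" || return 1
    for t in "$@"; do
        install -m 0755 "$builddir/$t" "$prefix/bin/$t" || return 1
    done
}
```

A caller would run `root_note "$(id -u)"` first and then `safe_install build /usr/local mytarget`, where `build` and `mytarget` are placeholders for the project's own build directory and target name.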