[Clfs-support] chroot, mount:: only root can do that
Joe Ciccone
jciccone at gmail.com
Tue Aug 11 16:13:23 PDT 2009
Roy Bekken wrote:
> On Tue, Aug 11, 2009 at 1:55 PM, Joe Ciccone<jciccone at gmail.com> wrote:
>
>> Roy Bekken wrote:
>>
>>> On Tue, Aug 11, 2009 at 1:36 PM, Joe Ciccone<jciccone at gmail.com> wrote:
>>>
>>>
>>>> Just a thought... is the binary owned by uid 501 and +s? If so that
>>>> would cause it to be run as uid 501.
>>>>
>>>>
>>>>
>>> Yes, I just realized that my self.
>>> This should be changed in the book as I got the impression that this
>>> was an optional step(8.6. Changing Ownership)
>>>
>>>
>>>
>> Not optional at all. Why did you get that impression?
>>
>> _______________________________________________
>> Clfs-support mailing list
>> Clfs-support at lists.cross-lfs.org
>> http://lists.cross-lfs.org/listinfo.cgi/clfs-support-cross-lfs.org
>>
>>
> [snip]
> To avoid this issue, add the clfs user to the new CLFS system later
> when creating the /etc/passwd file, taking care to assign it the same
> user and group IDs as on the host system. Alternatively, assign the
> contents of the /tools and /cross-tools directories to user root by
> running the following commands
> [/snip]
>
> It says “alternatively” leading me to think its a local security issue
> only and not something that must be done. What it actually says is add
> clfs user and give it the ownership if them... english it not my
> primary language so I can be wrong.
>
> Since I have my build script in a subdir of /tools I skipped it to
> keep my normal users having write rights to them from the host.
>
Fair enough, Will have to get that updated. Making a note.
More information about the Clfs-support
mailing list