Re: building 2.6.35
On 2010-08-12 18:10 +0200, Arthur Machlas wrote:
> Isn't there a risk in granting user access to src, adm, and such if
> ever your user account is compromised?
This depends on how the computer is used, I suppose. On personal
desktops/laptops, giving intruders access to these groups is the least
of your worries, because your private data are 1000 times more
sensitive.
> My uninformed opinion is that
> it's a question of relative risk; the 'risk' involved in building
> kernels as root, versus the risk involved in giving access to these
> dirs and tools should your account become compromised.
The kernel releases are cryptographically signed¹, and it is certainly a
good idea to verify them before building and installing a kernel.
Sven
¹ http://www.kernel.org/signature.html
Reply to: