Changeset 2904 in project for wiki/chicken-setup
- Timestamp:
- 01/23/07 08:53:48 (14 years ago)
- File:
-
- 1 edited
-
wiki/chicken-setup (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
wiki/chicken-setup
r2798 r2904 546 546 547 547 548 === Security 549 550 When extensions are downloaded and installed one is executing code 551 from potentially compromised systems. This applies also when {{chicken-setup}} 552 executes system tests for required extensions. As the code has been 553 retrieved over the network effectively untrusted code is going to be 554 evaluated. When {{chicken-setup}} is run as ''root'' the whole system 555 is at the mercy of the build instructions (note that this is also 556 the case every time you install software via {{sudo make install}}, so this 557 is not specific to the CHICKEN extension mechanism). 558 559 Security-conscious users should never run {{chicken-setup}} as root. 560 A simple remedy is to set the environment variable {{CHICKEN_REPOSITORY}}, 561 which will transparently place the repository at an arbitrary user-selected 562 location. Alternatively obtain write/execute access to the default location 563 of the repository (usually {{/usr/local/lib/chicken}}) to avoid running 564 as root. 565 566 548 567 === Other modes if installation 549 568
Note: See TracChangeset
for help on using the changeset viewer.
