Doing "update-eix-remote -h" on version 0.9.1 gives output including: "It is strongly recommended to use the update/fetch commands only as root or with the -u "nobody" option or with very limited permissions." I really have no idea what it means.
can you rephrase it then? I think you get what it means. run as (root+-u nobody) || unprivileged user
Drop the first 'or'? :)
(In reply to comment #1) > run as (root+-u nobody) || unprivileged user No, that's a misunderstanding. It means as it says: root || -u nobody || unprivileged user Each of these should be fine from a security viewpoint (although the second might require the existence of a password for "nobody"). (The reason why root is OK is that this defaults to -u nobody; here I tacitly assume that the user understands that being root and using e.g. -u root would be stupid.) So roughly speaking, the only insecure case is being a non-root user with relatively high permissions and not using -u user_with_low_permissions. Suggestions for better formulations are welcome, but they should not be longer than 1-2 lines, since otherwise most people won't read them.
(In reply to comment #3) > No, that's a misunderstanding. It means as it says: > root || -u nobody || unprivileged user Well, that doesn't make much sense to vast majority of users who read this, as you can see from this bug. :)
obviously invalid. Otherwise please provide a solution.
Proposed rephrasing: It is strongly recommended to use the update/fetch commands with very limited permissions. Permissions are dropped when run as root or with the "-u nobody" option. Don't use "-u root".
(In reply to comment #5) > obviously invalid. Huh? That text plain doesn't make sense, what's obviously invalid about this?
(In reply to comment #7) > That text plain doesn't make sense I don't agree: The text was correct (syntactically and semantically). Anyway, the suggested reformulation will be contained in the next eix version, because it is clearer and not too long.
thanks, new version in portage now.
