Should /usr/local/bin be owned by root?
Package manager Homebrew (I'm on OS X, but I'm curious about Unix-based security in general, as it pertains to directory permissions) set the owner of /usr/local/bin to my user (it's root by default, right?), which means that now I can install executables by simply moving them to /usr/local/bin (no sudo required).
- Am I right about this, that normally
/usr/local/binis owned byroot? - Isn't chowning
/usr/local/binwith your normal user a huge security issue, because now any software that I run can install programs on my behalf without my password being required?
Solution 1:
From their FAQ, this is to avoid the dangerous practice of having to run arbitrary code off the internet as root when installing packages. It's a reasonable compromise for most users - Homebrew's generally used on a single person's development machine, not production multi-user servers.
Homebrew is designed to work without using sudo. You can decide to use it but we strongly recommend not to do so. If you have used sudo and run into a bug then it is likely to be the cause. Please don’t file a bug report unless you can reproduce it after reinstalling Homebrew from scratch without using sudo.
You should only ever sudo a tool you trust. Of course, you can trust Homebrew ;) But do you trust the multi-megabyte Makefile that Homebrew runs? Developers often understand C++ far better than they understand make syntax. It’s too high a risk to sudo such stuff. It could break your base system, or alter it subtly.
And indeed, we’ve seen some build scripts try to modify
/usreven when the prefix was specified as something else entirely.Did you chown root
/Applications/TextMate.app? Probably not. So is it that important tochown root wget?If you need to run Homebrew in a multi-user environment, consider creating a separate user account especially for use of Homebrew.
For why it doesn't just install in your ~, see the earlier FAQ question "Why does Homebrew prefer I install to /usr/local?".