[poldek home]

5. Security issues

Although there is not known security problems, it is strongly recommended to use poldek as an ordinary user and use the root privileges for package installation and removal only. It is possible in two ways with help of sudo command.

5.1. Using sudo

Setting on use sudo configuration opinion causes execution of rpm binary through sudo for read-write operations. The rest is of the operations may work without super user privileges.

Of course it is necessary to configure sudo to allow the user to run rpm binary.

5.2. Automatic switching to an ordinary user

There is more automated way of using sudo. Configured by runas option poldek will automatically switch to an ordinary user if detects beeing executed by root. To setup this scenario, set runas option:

runas = poldek

and configure “poldek” user account. There is poldekuser-setup.sh script which automates user account configuration supplied with poldek.