[mikepurvis]

It depends whether you trust the tool maintainers more than the package definition maintainers. I certainly would. But don't take my word for it— here's a MacPorts developer explaining the sandboxing of builds:

https://apple.stackexchange.com/a/106942

[Wowfunhappy]

> Directories listed in multiple users' $PATH that are writable without superuser privileges can be used for attacks (e.g., by placing a sudo binary that will log the password there). The same can be done by malicious software running as your user in order to get your password

Yikes. That particular attack did not occur to me.

[lucideer]

Thank you for this link. This is the first robust argument for running as root that I've seen, and completely upends my assumptions.

I'd been considering trying macports but this has convinced me.