by guns 5428 days ago
While I agree that installing programs as an unprivileged user is appropriate, installing programs as an unprivileged user to a global executable directory is misguided.

`/usr/local/bin` is typically in root's PATH, so root will faithfully search for programs in this directory. If root (or an admin group) does not have sole write privileges to that directory, it becomes a very easy-to-exploit privilege escalation vulnerability.

What _is_ risky about running `sudo make install` and the like is that the Makefile may have malicious / risky code that may get executed as root.

Summary:

If you trust / verify the code you are installing, and you want it to be globally available, install it with sudo.

If you aren't willing to install as root, but want it to be available to a group of users, install to another directory not in root's PATH.

Otherwise just install to ~/bin.
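
The check the comment implies, as an added example that is not part of the original post: audit each directory in a PATH string and report any that someone other than root (or an admin group) can write to. The names `audit_path`, `trusted_uids` and `trusted_gids` are hypothetical, the demo directories are constructed, and only the directory itself is inspected, not its parents.

```python
import os
import stat
import tempfile

def audit_path(path_value, trusted_uids=frozenset({0}), trusted_gids=frozenset({0})):
    """Return (entry, reason) findings for a PATH string as root would search it."""
    findings = []
    for entry in path_value.split(os.pathsep):
        # An empty or relative entry resolves against the current directory,
        # so the caller's working directory decides what gets executed.
        if not os.path.isabs(entry):
            findings.append((entry, "empty or relative entry"))
            continue
        try:
            st = os.stat(entry)  # follows symlinks, as command lookup does
        except OSError:
            continue  # entry not present; skipped in this example
        if not stat.S_ISDIR(st.st_mode):
            continue
        # Owner can always chmod and write, so the owner must be trusted.
        if st.st_uid not in trusted_uids:
            findings.append((entry, f"owned by uid {st.st_uid}"))
        # Group write is acceptable only for an admin group.
        if st.st_mode & stat.S_IWGRP and st.st_gid not in trusted_gids:
            findings.append((entry, f"writable by gid {st.st_gid}"))
        if st.st_mode & stat.S_IWOTH:
            findings.append((entry, "world-writable"))
    return findings

if __name__ == "__main__":
    # Constructed demo: two throwaway directories stand in for PATH entries,
    # and the current user stands in for root so it runs without privileges.
    with tempfile.TemporaryDirectory() as tmp:
        good, bad = os.path.join(tmp, "good"), os.path.join(tmp, "bad")
        for path, mode in ((good, 0o755), (bad, 0o777)):
            os.mkdir(path)
            os.chmod(path, mode)  # explicit chmod: mkdir's mode is masked by umask
        sample = os.pathsep.join([good, "", bad])
        for entry, reason in audit_path(sample, {os.getuid()}, frozenset()):
            print(f"{entry!r}: {reason}")
```

To audit a real system, pass root's actual PATH with the default arguments, which trust only uid 0 and gid 0.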