One nice feature of Portage is that it can drop privileges and compile as a less privileged user. It can also sandbox most phases of the installation. This tip shows you how to enable these features of Portage to increase the security of your system.
The first step is to create the portage user and group accounts. Portage will use these accounts when running its processes.
groupadd -g 250 portage
useradd -u 250 -g 250 -s /bin/false portage
The next step is to fix the ownership on the areas portage will need access to. By default, these directories are /usr/portage and /var/tmp/portage.
chown -R portage:portage /usr/portage
chown -R portage:portage /var/tmp/portage
If you’ve specified different locations in /etc/make.conf, you will need to ensure that portage has the proper ownership on PORTAGE_TMPDIR, PORTDIR, DISTDIR, PKGDIR, PORT_LOGDIR, and PORTDIR_OVERLAY.
After the ownership has been set properly, you need to enable the privilege separation features in /etc/make.conf. To do this, edit the FEATURES line.
FEATURES="sandbox userpriv usersandbox"
Portage is now set up to drop root privileges and build packages under the portage user account. To test it, use the command top. When you have top open, type u to display processes for a specific user, and type portage at the prompt to display processes for portage. Now emerge something, and watch as the portage user shows up as the owner of all the commands.
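As an added check that is not part of the original tip, the following shell script verifies the two things configured above: that a make.conf-style file's FEATURES line carries sandbox, userpriv and usersandbox, and that a directory is owned by the expected user:group. It assumes a single-line FEATURES= assignment (no ${FEATURES} expansion) and GNU stat; the sample make.conf it writes is constructed for illustration.

```shell
#!/bin/sh
# Constructed sample make.conf (not a real system file); it deliberately
# lacks usersandbox so the check below has something to report.
SAMPLE_CONF="${TMPDIR:-/tmp}/make.conf.sample.$$"
cat > "$SAMPLE_CONF" <<'EOF'
CFLAGS="-O2 -pipe"
FEATURES="sandbox userpriv"
PORTAGE_TMPDIR="/var/tmp"
EOF

# Print the value of FEATURES from a make.conf-style file, quotes stripped.
# Assumes one plain FEATURES= line, as in the tip above.
get_features() {
    sed -n 's/^[[:space:]]*FEATURES=["]*\([^"]*\)["]*.*$/\1/p' "$1" | tail -n 1
}

# Return 0 if all three privilege-separation features are present,
# otherwise print the missing ones and return 1.
check_features() {
    conf="$1"; missing=""
    feats=" $(get_features "$conf") "
    for f in sandbox userpriv usersandbox; do
        case "$feats" in
            *" $f "*) ;;
            *) missing="$missing $f" ;;
        esac
    done
    if [ -n "$missing" ]; then
        echo "missing FEATURES:$missing"
        return 1
    fi
    return 0
}

# Return 0 if directory $1 is owned by $2 (user:group), 1 otherwise.
# Uses GNU stat; run it against PORTAGE_TMPDIR, PORTDIR, DISTDIR, etc.
check_owner() {
    dir="$1"; want="$2"
    [ -d "$dir" ] || { echo "$dir: not a directory"; return 1; }
    have="$(stat -c '%U:%G' "$dir")"
    [ "$have" = "$want" ] && return 0
    echo "$dir: owned by $have, expected $want"
    return 1
}

# Against the sample this reports: missing FEATURES: usersandbox
check_features "$SAMPLE_CONF" || true
```

On a real system, call check_features /etc/make.conf and check_owner /usr/portage portage:portage (and the other directories listed above) to confirm the setup before emerging.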