Clarify the INSTALL instructions

Ensure users understand that they need to have appropriate permissions to write to the install location. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9268)
2024-11-24 10:34:12 +08:00 · 2019-06-28 12:07:55 +01:00 · 2019-06-28 12:07:55 +01:00 · 7c03bb9fff
commit 7c03bb9fff
parent 5c5cdcd815
1 changed files with 20 additions and 2 deletions
--- a/22
+++ b/22
@ -99,6 +99,9 @@
    $ nmake test
    $ nmake install

+ Note that in order to perform the install step above you need to have
+ appropriate permissions to write to the installation directory.
+
 If any of these steps fails, see section Installation in Detail below.

 This will build and install OpenSSL in the default location, which is:
@ -108,6 +111,12 @@
           OpenSSL version number with underscores instead of periods.
  Windows: C:\Program Files\OpenSSL or C:\Program Files (x86)\OpenSSL

+ The installation directory should be appropriately protected to ensure
+ unprivileged users cannot make changes to OpenSSL binaries or files, or install
+ engines. If you already have a pre-installed version of OpenSSL as part of
+ your Operating System it is recommended that you do not overwrite the system
+ version and instead install to somewhere else.
+
 If you want to install it anywhere else, run config like this:

  On Unix:
@ -941,8 +950,11 @@
       $ mms install                                    ! OpenVMS
       $ nmake install                                  # Windows

-     This will install all the software components in this directory
-     tree under PREFIX (the directory given with --prefix or its
+     Note that in order to perform the install step above you need to have
+     appropriate permissions to write to the installation directory.
+
+     The above commands will install all the software components in this
+     directory tree under PREFIX (the directory given with --prefix or its
     default):

       Unix:
@ -998,6 +1010,12 @@
                        for private key files.
         misc           Various scripts.

+     The installation directory should be appropriately protected to ensure
+     unprivileged users cannot make changes to OpenSSL binaries or files, or
+     install engines. If you already have a pre-installed version of OpenSSL as
+     part of your Operating System it is recommended that you do not overwrite
+     the system version and instead install to somewhere else.
+
     Package builders who want to configure the library for standard
     locations, but have the package installed somewhere else so that
     it can easily be packaged, can use