Re: packagemaker newbie - permissions issue
Re: packagemaker newbie - permissions issue
- Subject: Re: packagemaker newbie - permissions issue
- From: Greg Neagle <email@hidden>
- Date: Tue, 23 Jun 2009 08:50:26 -0700
As a Mac OS X systems administrator, I find software that modifies
files inside its own application bundles evil, and would encourage you
to rethink that design decision. It makes it extremely difficult to
store out malicious modifications from benign modifications.
I'd also urge you to consider making the file in /Library/Application
Support/Rising Software read-only, and copying it to ~/Library/
Application Support/Rising Software, where you can modify it in the
user's home dir, but this is a matter of preference as long as the
software can run with the /Library/Application Support/Rising Software
file missing or damaged by the user.
If _anybody_ who runs the software must have read/write access to
these files, you must set the mode to 666 if they are actually files,
and 777 if they are directories. You _cannot_ rely on all users being
in any specific group.
-Greg
On Jun 23, 2009, at 7:08 AM, Peter Lee wrote:
Hello,
Our applicaton has a couple of files that anybody who runs the
application needs read/write access to. One is stored in Library/
Application Support/Rising Software and the other is in the
application bundle. In Packagemaker, they are getting assigned to
group 'staff', with my own name as the owner. As I understand, who
owns the file isn't really an issue, as long as the group has rw
access, and all users who need to use the spp are in the group that
owns the file(s).
On 10.5, every user seems to be in the 'staff' group. I not sure if
that that's the case in earlier versions of OSX - it may be but my
10.4 disk won't boot at the moment....
Having said that - on a friends machine - 10.5, he's transferred his
profile from an earlier version of OSX, and he's not in staff. I
don't know if he was in staff on his earlier box - I _think_ that in
earlier versions of OSX, you are in a group with the same name/
number as your user name/number, and perhaps you don't get
membership of staff automatically when you transfer your profile.
I'm just wondering how we should handle this? We could make those
files owned by group 'everyone' instead? It sounds a bit ugly to me?
Thanks,
Peter Lee
--
Peter Lee
email@hidden
-----------------------------------------------------------------------
Rising Software Australia Pty. Ltd. http://
www.risingsoftware.com/
Publishers of 'Auralia' - Ear Training and 'Musition' - Theory
Training
Ph: +61 3 9481 3320 FAX: +61 3 9481 3380 USA Freecall: 1 888 667
7839
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden