Re: Package Maker ownership issues
Re: Package Maker ownership issues
- Subject: Re: Package Maker ownership issues
- From: Iceberg-Dev <email@hidden>
- Date: Mon, 5 Oct 2009 21:56:18 +0200
On Oct 5, 2009, at 11:04 AM, Jakub Bednar wrote:
On Oct 2, 2009, at 5:14 PM, Greg Neagle wrote:
user/group info for filesystem items is _always_ stored as numeric
values.
When you create your user, specify the UID at that time as well.
Hi Greg,
I was thinking about this in the first place, but I don't
think it is a correct solution, as there is no guarantee that the
UID is not already taken on target system.
That's why I think it should be possible to specify the user/group
by names. If there is no such user or group on the system, the
installation will fail, so it is the
responsibility of the installer to create such user/group.
Actually I think there should be 3 ways of specifying ownership:
1. UID/GID number, installed software will be owned by exactly this
user/group. (good for well known users/groups: root, admin, wheel)
2. user/group name, installed software will be owned by user/group
specified by this name. (good for newly created users/groups by the
installation process)
3. no user/group specified, meaning that the files should be owned
by user/group running the installer.
You really don't even want to think about it:
- Considering that there were/are a bunch of packages being
distributed with uid/gid set to 501 (or 502), millions of users will
end up with new user accounts.
- An installer that creates users/groups during installation is
probably a potential security risk in most of the cases.
- It's not the job of the installer to second-guess the package and
payload contents.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden