site_archiver@lists.apple.com Delivered-To: installer-dev@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:mime-version:in-reply-to :references:content-type:message-id:content-transfer-encoding:from :subject:date:to:x-mailer; bh=UqZzxygCw+Jm+TcQh2M8c/6Kfmwwikmd0+DhhvA6RHc=; b=DI/x1bnRRjSIJM2lPiuxqiemxFyNQNOuGb1o651dfm3+f33/uc8/vn28qw6rOJ/jkv HfusWCkOel2gcyleA2yi/VXi/1fkaU9+UTkPqDkrw+knEVbhlGHqHynGgEzVYCKS9vUt AIOzzjg82HDSYSm2rjOhpSBqd5qhJ2fKXAyHA= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:content-type:message-id :content-transfer-encoding:from:subject:date:to:x-mailer; b=dy4z5t59ynH7w/PKaLE7Q175jANb9EA3EjCMg9ZfajM3MOh5OybxqZht0dn+VGw8Ri kRpRcxhLLdWI3rXtN5fEVOTg5OfjNyS4WOgSh1hOkX9O5+APXyvHmnqmTsSAXkz/oioB x1TJervw64rYtr2RNPNOoQgyVaLKs9xIqNSUk= On Oct 5, 2009, at 11:04 AM, Jakub Bednar wrote: On Oct 2, 2009, at 5:14 PM, Greg Neagle wrote: user/group info for filesystem items is _always_ stored as numeric values. When you create your user, specify the UID at that time as well. Actually I think there should be 3 ways of specifying ownership: You really don't even want to think about it: _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/installer-dev/site_archiver%40lists.a... Hi Greg, I was thinking about this in the first place, but I don't think it is a correct solution, as there is no guarantee that the UID is not already taken on target system. That's why I think it should be possible to specify the user/group by names. If there is no such user or group on the system, the installation will fail, so it is the responsibility of the installer to create such user/group. 1. UID/GID number, installed software will be owned by exactly this user/group. (good for well known users/groups: root, admin, wheel) 2. user/group name, installed software will be owned by user/group specified by this name. (good for newly created users/groups by the installation process) 3. no user/group specified, meaning that the files should be owned by user/group running the installer. - Considering that there were/are a bunch of packages being distributed with uid/gid set to 501 (or 502), millions of users will end up with new user accounts. - An installer that creates users/groups during installation is probably a potential security risk in most of the cases. - It's not the job of the installer to second-guess the package and payload contents. This email sent to site_archiver@lists.apple.com