On 05/02/15 23:05, Rashif Ray Rahman wrote:
On 4 February 2015 at 12:11, Gaetan Bisson bis...@archlinux.org wrote:
[2015-02-03 22:10:26 -0500] Daniel Micay:
It's definitely a security issue when it comes to the dynamically
assigned range (500..999) since files may be left behind and the
On 4 February 2015 at 12:11, Gaetan Bisson bis...@archlinux.org wrote:
[2015-02-03 22:10:26 -0500] Daniel Micay:
It's definitely a security issue when it comes to the dynamically
assigned range (500..999) since files may be left behind and the
user/group could be reused. It doesn't seem like
On 04/02/15 13:21, Sébastien Luttringer wrote:
On 03/02/2015 17:16, Evangelos Foutras wrote:
On 03/02/15 17:58, Andrew Gregory wrote:
-1 for systemd-sysusers unless you can figure out a way to use it in
pre_install. In order for the dynamic user creation Allan mentioned
to work, pacman will
On 03/02/15 06:05 PM, Allan McRae wrote:
On 03/02/15 22:01, Jerome Leclanche wrote:
2015-02-03 12:46 GMT+01:00 Allan McRae al...@archlinux.org:
1) We should not remove users/groups when packages are uninstalled. This
is a potential security issue if any files are left owned by the
[2015-02-03 22:10:26 -0500] Daniel Micay:
It's definitely a security issue when it comes to the dynamically
assigned range (500..999) since files may be left behind and the
user/group could be reused. It doesn't seem like it could be an issue
with the reserved static ids though.
I concur.
On 03/02/2015 17:16, Evangelos Foutras wrote:
On 03/02/15 17:58, Andrew Gregory wrote:
-1 for systemd-sysusers unless you can figure out a way to use it in
pre_install. In order for the dynamic user creation Allan mentioned
to work, pacman will have to be changed to use symbolic user names
Hi all,
While looking into how best handle those directory permission warnings
with pacman-4.2, I have noticed a couple of things about user/group
management in our packages.
1) We should not remove users/groups when packages are uninstalled. This
is a potential security issue if any files are
On 02/03/15 at 02:27pm, Evangelos Foutras wrote:
On 03/02/15 13:46, Allan McRae wrote:
Hi all,
While looking into how best handle those directory permission warnings
with pacman-4.2, I have noticed a couple of things about user/group
management in our packages.
1) We should not
On 03/02/15 17:58, Andrew Gregory wrote:
-1 for systemd-sysusers unless you can figure out a way to use it in
pre_install. In order for the dynamic user creation Allan mentioned
to work, pacman will have to be changed to use symbolic user names for
file ownership which requires the user to
2015-02-03 12:46 GMT+01:00 Allan McRae al...@archlinux.org:
1) We should not remove users/groups when packages are uninstalled. This
is a potential security issue if any files are left owned by the
non-existent user/group.
When should the cleanup be done? Installing and immediately
On Tue, Feb 3, 2015 at 1:27 PM, Evangelos Foutras evange...@foutrelis.com
wrote:
I'd say yes and I agree on both points.
This is also a perfect opportunity to mention systemd-sysusers(8) which,
along with sysusers.d(5) entries, can greatly simplify the creation of
system users.
+1 for
On 03/02/15 13:46, Allan McRae wrote:
Hi all,
While looking into how best handle those directory permission warnings
with pacman-4.2, I have noticed a couple of things about user/group
management in our packages.
1) We should not remove users/groups when packages are uninstalled. This
is
On 03/02/15 22:01, Jerome Leclanche wrote:
2015-02-03 12:46 GMT+01:00 Allan McRae al...@archlinux.org:
1) We should not remove users/groups when packages are uninstalled. This
is a potential security issue if any files are left owned by the
non-existent user/group.
When should the cleanup
13 matches
Mail list logo