Hi Franklin-- Thanks for the quick response!
On Sat 2008-10-25 05:25:07 -0400, Franklin PIAT wrote: > My primary implementation idea was to make the folders owned by the > group staff (like /usr/local). Would that fit your need ? I'd rather not do that; membership in group staff is a huge privilege (because you can rewrite /usr/local, as you say, which means members could place a trojan in /usr/local/bin/ls, for example). So membership in that group is not something that is easily granted. > I wonder why you defined DI_NETBOOT_ASSISTANT_CONFIG. Do you need to > be able to use multiple configuration dir ? or would it be fine to > use ~/.di-netboot-assistant.conf (then fall back to /etc/... ) Ah, this makes more sense than what i did. As long as a user-supplied config file is possible (so DL_CACHE, STATUS_LIB and CONFIG_DIR can be overridden), the tool can be run cleanly as a non-privileged user. It should probably fail cleanly if the user is unable to write to DL_CACHE or STATUS_LIB, though. Would you like me to submit a new patch that works this way? Regards, --dkg
pgpGyLTmKUlBh.pgp
Description: PGP signature