Hi, On 18-02-28 18:14:17, Marvin Renich wrote: > If a user get to install his/her own plugins, they should go in the > user's home directory, e.g. /home/user/.config/scheduler/plugins/. > Non-root users should not generally be given write permission to > /usr/local, and definitely not to /usr/lib.
See my separate mail: The term "user" used by me was misleading, I guess, more appropriate would have been "admin". > If the app takes care of installing the plugins on the user's behalf, > that is slightly different. However, if the plugin can be selected by > the user from a non-trusted source, I would still go with the user's > directory. Allowing a non-root user to put his own plugin where > others can execute it without being able (even required) to verify its > integrity is a huge security hole. The app doesn't take care of installing the plugins. This would be the job of the admin, using whichever technique they're comfortable with. > Ian's comments are good for admin-installed plugins that the users can > use. In fact there is good precedent for an app checking > /usr/lib/pkg/... for plugins installed from Debian packages, > /usr/local/lib/pkg/... for plugins installed by the admin from > non-Debian locations, and then finally the user's .config/pkg/... > directory. I guess we'll go with /usr/local/lib/schleuder then? Does this sound like a reasonable choice? Thanks, Georg
signature.asc
Description: Digital signature