On 18.6.2014 12:00, Dominig ar Foll (Intel OTC) wrote:
Yes I 'banned' the hook to run code or script posted by App (rpm or pkg)
at creation of deletion of user and I stick on that position because the
risk of hanging the system when added/updating/removing App is too high.
It's up to App to create what ever they need (directory; config files,
...) at the first run.
Now, I do not 'banned' platforms to use hooks to execute special code at
user creation or deletion. That is a platform decision and possible side
effect their responsibility.
Well, it never was specifically third-party or platform applications,
but about RPMs in general installing hook scripts.
For example gSSO currently stores user credential databases in
/var/db/gsignond (in per-user directories) because those need to be
inaccessible to the user / apps he runs under his account. If we would
have the filesystem encryption (and TEE framework), data would be stored
encrypted with user-specific key. So now when a user is deleted, his
credentials remain in plaintext...
_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
