Hi Paul,

Le 23/11/2016 à 01:46, paul.sz...@sydney.edu.au a écrit :

> Might protect against "static" things, but vulnerable to a race.

I'm not sure to understand, what kind of race could happen here?

> But really... why do you care about leaving some "dangling" useless
> object, owned by some long-gone UID or GID?

I don't know the motivations behind this complexity. I can imagine a
case where an administrator switches from tomcat8 to tomcat9 and doesn't
expect the old package to remove files unknown to him so they can be
moved to the configuration directory of the new package.

The upgrade scenario could look like this:

1. Install tomcat8
2. Declare a web application in /etc/tomcat8/Catalina/localhost
3. Uninstall tomcat8
4. Install tomcat9
5. Move /etc/tomcat8/Catalina/localhost/* to /etc/tomcat9/Catalina/localhost

If the step 3 also removes the webapp configuration the administrator is
going to be angry (but arguably less than having his system hacked).

Emmanuel Bourg

This is the maintainer address of Debian's Java team
Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to