Le Wed, Aug 20, 2003 at 09:26:14AM -0600, Jamin W. Collins a écrit : > > All right. I understand the problem. But the directories removed by > > the postrm/purge are normaly only used : > > - by user, to upload datas related to his spip installation, > Is this uploaded data recorded anywhere? In the MySQL database perhaps? > If so, the file names can be retrieved from there for removal on purge. Mmm... yes and no. Some of them could be. But a user may upload files without using them in the application. So, the files are available, but unused, and unreferenced. > Additionally, you may upset users by simply deleting their uploaded > files on purge. Some may see this as deletion of user data, which > should not be done. Of course, I understand. But I wonder they won't upload personal files for another use than spip here... > > - by spip himself, to store cache informations, > Are the file names predictable in any way? If so, you can look for > files fitting the pattern. True. > > - by spip himself, for log or backups. > The file names of the logs or backups should be predictable, right? True. > As someone else has already pointed out, /usr/share should be capable of > being made read-only. Any runtime changing data for an application True. But due to the implemntation of the application, which is written in php, datas are stored on the program dir. There is no real separation between datas and functions. And if i symlink some datas (for apache access AND direct file handler access), i'll will setup another alarm... and it won't be accepted. -- "Il n'y a qu'un décolleté pour pousser un homme à rechercher la profondeur chez une femme." -- Zsa Zsa Gabor Gaétan RYCKEBOER Société Virtual-Net [Tous textes et propos tenus dans ce couriel sont sous license DMDZZ]
Attachment:
pgp1jDKyJVXjW.pgp
Description: PGP signature