[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFC] adding system users: which is the best way??

Hi Brian,

On Sun, 30 Nov 2003, Brian May wrote:

> On Sun, Nov 30, 2003 at 03:07:35AM +0100, Peter Palfrader wrote:
> > Some packages remove the user when they are purged.  This is even worse
> > I think.
> Presumable, if you purge the package, then the user is no longer needed.
> So shouldn't the user be deleted?
> (just don't use the option to deluser/userdel to automatically remove
> the users home directory in the maintainer scripts...)

adduser foo
Adding user foo...
Adding new group foo (1001).
Adding new user foo (1001) with group foo.
Creating home directory /home/foo.

deluser foo
Removing user foo...

adduser bar
Adding user bar...
Adding new group bar (1001).
Adding new user bar (1001) with group bar.
Creating home directory /home/bar.

ls -asld /home/foo /home/bar
   1 drwxr-xr-x    2 bar      bar          1024 Nov 30 08:46 /home/bar
   1 drwxr-xr-x    2 bar      bar          1024 Nov 30 08:46 /home/foo

If i don't remove the home dir than we have a possible security issue
since user bar will be able to access foo dirs/files.

So somehow we need to find a way to handle this situation in a better way.


Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues


Reply to: