Re: [RFC] adding system users: which is the best way??
Hi Brian,
On Sun, 30 Nov 2003, Brian May wrote:
> On Sun, Nov 30, 2003 at 03:07:35AM +0100, Peter Palfrader wrote:
> > Some packages remove the user when they are purged. This is even worse
> > I think.
>
> Presumable, if you purge the package, then the user is no longer needed.
>
> So shouldn't the user be deleted?
>
> (just don't use the option to deluser/userdel to automatically remove
> the users home directory in the maintainer scripts...)
adduser foo
Adding user foo...
Adding new group foo (1001).
Adding new user foo (1001) with group foo.
Creating home directory /home/foo.
deluser foo
Removing user foo...
done.
adduser bar
Adding user bar...
Adding new group bar (1001).
Adding new user bar (1001) with group bar.
Creating home directory /home/bar.
ls -asld /home/foo /home/bar
1 drwxr-xr-x 2 bar bar 1024 Nov 30 08:46 /home/bar
1 drwxr-xr-x 2 bar bar 1024 Nov 30 08:46 /home/foo
If i don't remove the home dir than we have a possible security issue
since user bar will be able to access foo dirs/files.
So somehow we need to find a way to handle this situation in a better way.
Fabio
--
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues
http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp00004.html
Reply to: