[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Policy on Account creation and deletion?

On Mon, 15 Mar 2004 09:38:57 +1100, Brian May <bam@debian.org> wrote:
>>>>>> "Marc" == Marc Haber <mh+debian-devel@zugschlus.de> writes:
>    Marc> (3) Deletion I think that the account should be deleted when
>    Marc> the package is uninstalled. dpkg documentation says that the
>    Marc> only difference between remove and purge is that remove
>    Marc> doesn't delete conffiles while purge does. This can be
>    Marc> interpreted as a requirement to remove the account even on
>    Marc> remove, which might lead to files becoming unowned.
>If you do delete the user, don't blindly delete the home directory
>associated with that user, eg. by providing deluser the --remove-home
>flag, you don't know where the entry in /etc/passwd might point, and
>might accidently delete the wrong thing (or the entire file system in
>fact, if the home directory was stupidly set to "/").

So you think about the case where somebody stupid has changed the home
directory of the account to some insane value? It might be a good idea
then to have the postrm script check the home directory before
invoking deluser?


-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber          |   " Questions are the         | Mailadresse im Header
Karlsruhe, Germany  |     Beginning of Wisdom "     | Fon: *49 721 966 32 15
Nordisch by Nature  | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29

Reply to: