Re: Policy on Account creation and deletion?
On Mon, 15 Mar 2004 09:38:57 +1100, Brian May <bam@debian.org> wrote:
>>>>>> "Marc" == Marc Haber <mh+debian-devel@zugschlus.de> writes:
> Marc> (3) Deletion I think that the account should be deleted when
> Marc> the package is uninstalled. dpkg documentation says that the
> Marc> only difference between remove and purge is that remove
> Marc> doesn't delete conffiles while purge does. This can be
> Marc> interpreted as a requirement to remove the account even on
> Marc> remove, which might lead to files becoming unowned.
>
>If you do delete the user, don't blindly delete the home directory
>associated with that user, eg. by providing deluser the --remove-home
>flag, you don't know where the entry in /etc/passwd might point, and
>might accidently delete the wrong thing (or the entire file system in
>fact, if the home directory was stupidly set to "/").
So you think about the case where somebody stupid has changed the home
directory of the account to some insane value? It might be a good idea
then to have the postrm script check the home directory before
invoking deluser?
Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
Reply to: