[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

modifying home directories by maintainer scripts (was: Re: Bug#329347: common-lisp-controller: checking of permissions of the output directory)

On 21.09.05, Faré wrote:
> On 9/21/05, René van Bevern <rvb@progn.org> wrote:
> > On 21.09.05, Faré wrote:
> >
> > Hi Faré,
> >
> > > The only possible downside is having to walk /etc/passwd to locate
> > > all the places where to purge the cache, if you wish to do such
> > > thing.
> >
> > No, it is the plain and true evil for package maintainer scripts to
> > delete or modify files in users' home directories. It's the user's
> > personal space and you never know what he uses ~/.cache for. The
> > system should never modify the home directory and I do not know of one
> > single package that does.

Hi Faré,

> A lot of packages install stuff in the user directory.

I doubt that any package does this.

> Mozilla, Gimp, OpenOffice, KDE, GNOME, etc., will all create their
> own directories under ~/.<foo> and install a shitload of crap.

But this is done by the applications themselves and not by packages or
their maintainer scripts -- and not for all home directories they can
find. It's up to each user if that happens or not.

> Sometimes, their offer to upgrade from a previous version,
> and optionally offer to delete cruft from previous versions.

That is fine. The application themselves can offer transitions from
previous versions. But a maintainer script in a package that runs
through the home directory of all users to delete files is not fine.

The applications *offer* it, it's in the user's hands what happens
finally. This would not be the case if a maintainer script traversed
all home directories to delete caches.

> Modifying users' directories is something done casually.

Not by packages or their scripts and not without user
interaction. It's dangerous.


Attachment: pgpC4eP5JxK50.pgp
Description: PGP signature

Reply to: