Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> wrote:

> On Wed, Oct 26, 2005 at 01:53:19PM +0200, Gabor Gombas wrote:
>> On Wed, Oct 26, 2005 at 11:11:00AM +0200, Javier Fernández-Sanguino Peña wrote:
>>
>> > That really depends on the daemon itself don't you think? There's a number of
>> > daemons that don't create any file at all or, if they do, are created
>> > only on a given directory which is removed on purge. In these cases, removing
>> > the user on postrm's purge might make sense. As I said, that would be an
>> > option.
>>
>> It is still possible that those daemons _read_ some files (e.g. config
>> files), and the admin did a chown/chgrp to the daemon's user. Removing
>> the user and reusing the UID/GID will suddenly make those files
>> accessible for a random new package which may not be intended at all.
>
> Wrong. That is only true in the chown() case. Which is not a sensible thing
> to do. Daemons should be able to read their configuration files but they
> usually *don't* need to *write* them, so they should *not* own them.

What about log files with sensitive content?

Regards, Frank
--
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer
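
Added example, not part of the thread: a check a purge script could run before deleting a daemon account, listing paths still owned by its UID or GID (the chown/chgrp and log-file cases raised above). The function names and the account name in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: pre-removal ownership check for a daemon account.
# owned_paths and safe_to_remove_account are hypothetical helper names.

# Print every path under the given roots whose owner is UID or whose
# group is GID. Numeric IDs are used so the check still works when the
# name is already gone from passwd/group. -xdev keeps find on the
# filesystem of each root.
owned_paths() {
    uid=$1
    gid=$2
    shift 2
    find "$@" -xdev \( -user "$uid" -o -group "$gid" \) -print 2>/dev/null
}

# Succeed only when nothing under the roots still belongs to the account,
# i.e. a later package that is handed the same UID/GID inherits no files.
safe_to_remove_account() {
    [ -z "$(owned_paths "$@")" ]
}

# Usage sketch for a postrm purge branch (account "exampled" is assumed):
#   uid=$(id -u exampled); gid=$(id -g exampled)
#   if safe_to_remove_account "$uid" "$gid" /etc /var; then
#       : # remove the account
#   else
#       owned_paths "$uid" "$gid" /etc /var   # report leftovers, keep the account
#   fi
```
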