Did you consider the case with $HOME being mounted on NFS with
rootsquash (which is set by default)? Should the postinst then 'su' to
each user to do the modifcations in that case then? How about if some
extra security policy is active like apparmor or selinux?
Sorry, the only sane option which is left is to keep maintainer
scripts
out of users home.
Exactly, and on our network we mount all NFS shares rootsquashed to
avoid stuff like this. Only root on the file server has access to
users' directories.
However, maintainer scripts should never mess with user's homes; the
users may have the software installed locally, or the package may
purged by mistake.
Cheers,
Morten
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
