Re: Gnome 2.2 with normal user - More info
- From: Core <core enodev com>
- To: Danilo Šegan <dsegan gmx net>
- Cc: garnome-list gnome org
- Subject: Re: Gnome 2.2 with normal user - More info
- Date: 14 Feb 2003 20:04:11 -0600
I agree with some points, but there's more than one way to do it.
Someone building garnome ought to also be able to edit one file, and run
it however they want.
On Fri, 2003-02-14 at 15:46, Danilo Šegan wrote:
> Core wrote:
> > Maybe a note about umask should be in the FAQ. Just enough for newbies.
> I don't think so. If one decides to build as root, (s)he is supposed to
> be a "system administrator", and of course, quite familiar with the
> umask and everything else.
Those who build garnome are only necessarily /users/, not sysadmins. I
don't know about you, but my machine has many users, and I install
software. I also like to use my computer to teach and evangelize.
> If the same one (who insists on installing GARNOME as root) wants to
> avoid editting a gar.conf.mk for every release of GARNOME, I'd rather
> suggest to create a new user for "GNOME Administration", let's call it
> "gnome". Then, "gnome" home directory (which might be eg. /gnome,
> instead of the common /home/gnome or whatever) will need to set the
> appropriate permissions (so everyone can read and execute needed files).
> This way, you keep the traditional level of security ("traditional" in a
> sense that noone is allowed to write, read or even cd to a root home
> dir, a protection you advised earlier to be shut off!), and get all the
> benefits of multi-user install.
The same goes for all software. This is a great way to do things, if
you're a control freak. This way, you can say "You can run kde, but not
gnome". I really could give a shit.
> And last, I believe FAQ says that you should *NOT* install the GARNOME
> as root: if it's not there, then it should be updated.
I disagree, as long as things aren't suid. So long as you edit one line
in gar.conf.mk and umask 022 your fine. You really just should run gnome
as root. Not secure.
Core <core enodev com>
] [Thread Prev