Re: Gnome 2.2 with normal user - More info

Core wrote:
I agree with some points, but there's more than one way to do it.
Someone building garnome ought to also be able to edit one file, and run
it however they want.

I quite agree, but if someone building as root finishes up with installation in /root/garnome, it seems as if that someone was not actually able to "edit one file." I cannot see a reason to install GARNOME in this location, if not for allowing *only* root to use it.

On Fri, 2003-02-14 at 15:46, Danilo Šegan wrote:

Core wrote:

Maybe a note about umask should be in the FAQ. Just enough for newbies.

I don't think so. If one decides to build as root, (s)he is supposed to be a "system administrator", and of course, quite familiar with the umask and everything else.

Those who build garnome are only necessarily /users/, not sysadmins. I
don't know about you, but my machine has many users, and I install
software. I also like to use my computer to teach and evangelize.

You install software, have a machine with many users, meaning, you are a sysadmin. So, you know about umasks, and all the stuff you need. Users should build in their own home directories, and so be able to use it. If they know at least a bit about permissions, they'll also make it possible for other users on the same system to use the same installation. If not, they should NOT build it in /root/garnome.

This way, you keep the traditional level of security ("traditional" in a sense that noone is allowed to write, read or even cd to a root home dir, a protection you advised earlier to be shut off!), and get all the benefits of multi-user install.

The same goes for all software. This is a great way to do things, if
you're a control freak. This way, you can say "You can run kde, but not
gnome". I really could give a shit.

It also allows for protecting the files of root, because even cding to root directory is sometimes considered harmful.

And last, I believe FAQ says that you should *NOT* install the GARNOME as root: if it's not there, then it should be updated.

I disagree, as long as things aren't suid. So long as you edit one line
in and umask 022 your fine. You really just should run gnome
as root. Not secure.

No, you misunderstood me. The FAQ should say that one ought to build as non-root. Whoever is capable and willing, is by no chance obliged to do so. But, as you might have noticed, this list is full of problems arising from building as root. If one at least temporarily made /opt writeable by some other user, he could achieve the same thing without reaching any problems.

Finally, GARNOME is officialy for testers (though it's listed on as one way to get a distribution). Maybe a change of direction is what you're asking for, and if that happens, it will probably be more suited to system-wide installation.

Ok, lets get this discussion off the GARNOME list.

Best regards,

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]