Question about userdel/groupdel usage in uninstall scripts
Phil Knirsch
pknirsch at redhat.com
Fri Feb 9 14:23:58 UTC 2007
Hi folks.
And another question for the next meeting, this time about the use of
userdel and groupdel in scripts after removal of a package.
I suspect for users/groups in the 1-100 uid/gid range this is not a
problem, but removing any users or groups that were added without a
specific uid or gid can be a security issue as those ids might get
reused for accounts that were added later.
Fedora Core doesn't contain any bad cases, but i've already spotted a
few ones in Fedora Extras.
So for a Package Review and Guideline that might be something we want to
take a look at for new packages or (if we ever do that) for a FC-Extras
review.
Read ya, Phil
--
Philipp Knirsch | Tel.: +49-711-96437-470
Development | Fax.: +49-711-96437-111
Red Hat GmbH | Email: Phil Knirsch <phil at redhat.de>
Hauptstaetterstr. 58 | Web: http://www.redhat.de/
D-70178 Stuttgart
Motd: You're only jealous cos the little penguins are talking to me.
More information about the Fedora-maintainers
mailing list