>>>>> Simon McVittie <s...@debian.org> writes: >>>>> On 26/09/12 18:15, Ivan Shmakov wrote: >>>>> Simon McVittie <s...@debian.org> writes:
>>> Please research previous discussion to check that you're not >>> missing arguments that have happened in the past, >> Any particular pointers? > Following the git history points to > <https://bugzilla.gnome.org/show_bug.cgi?id=2311>, which raises > interesting issues regarding running GUI applications from under > su/sudo (which is generally a bad idea, but back then there was > little alternative). There's also the analysis at [1]. Unfortunately, it seems that the possibility of the user /intentionally/ changing his or her own HOME was never considered (and neither such concerns are reflected in the documentation.) E. g.: --cut-- It turns out that most of this time, this is irrelevant. login sets $HOME and until you switch users, it will be left unchanged. The case where it becomes an issue is with some "execute a program as another user" commands. There is some difference in behavior here. --cut-- Should the target user be a non-privileged one, my suggestion (to only use HOME if it points to a directory which is both accessible and owned by the “now-current” user) should relieve the concerns listed. On the other hand, when the target user is ‘root’ (UID 0), either of these behaviors may be valid (depending on the exact circumstances, as was noted elsewhere in this thread), so this check shouldn't be done (should we follow the general principle of “root knows what it wants.”) [1] http://mail.gnome.org/archives/gtk-devel-list/2002-March/msg00066.html -- FSF associate member #7257 -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/86r4pls8w9....@gray.siamics.net
