> > All right. I understand the problem. But the directories removed by
> > the postrm/purge are normaly only used :
> > - by user, to upload datas related to his spip installation,
> Is this uploaded data recorded anywhere?  In the MySQL database perhaps?
> If so, the file names can be retrieved from there for removal on purge.
Mmm... yes and no. Some of them could be. But a user may upload files
without using them in the application.
So, the files are available, but unused, and unreferenced.

> Additionally, you may upset users by simply deleting their uploaded
> files on purge.  Some may see this as deletion of user data, which
> should not be done.
Of course, I understand. But I wonder they won't upload personal files
for another use than spip here...

> > - by spip himself, to store cache informations,
> Are the file names predictable in any way?  If so, you can look for
> files fitting the pattern.

> > - by spip himself, for log or backups.
> The file names of the logs or backups should be predictable, right?

> As someone else has already pointed out, /usr/share should be capable of
> being made read-only.  Any runtime changing data for an application
True. But due to the implemntation of the application, which is written
in php, datas are stored on the program dir. There is no real separation
between datas and functions.

And if i symlink some datas (for apache access AND direct file handler
access), i'll will setup another alarm... and it won't be accepted.

