On Mon, May 20, 2013 at 5:51 PM, Sandro Mani <manisan...@gmail.com> wrote:
> I've just hit a bug which causes $HOME to be owned by root if a mountpoint
> is created inside $HOME during install, see [1].
>
Ouch. Recent libuser versions refuse to do anything about a home directory
(... which should cause the whole "create user" process to fail) if $HOME
already exists - and this is necessary for security reasons.
I'd much rather prohibit this case - if you want to set up a mountpoint
within $HOME, create the user first. It would admittedly be a really ugly
policy, however I think it's still better than the security risk.
Mirek
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
