You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was wondering if there is a specific reason why informant requires root privileges or membership in the informant group.
AFAIK that command doesn't do any changes to the system. And since the displayed news are publicly available on the arch website, this seems like an odd choice to me.
If this is meant to protect admins against users maliciously reading the news (something I never thought I'd write 😅), wouldn't it be more desirable to keep the data in the users home directory (like PR #17 suggests)?
The text was updated successfully, but these errors were encountered:
There's already some discussion of this in #2, but basically I've kept the save information in /var because of the pacman hook.
When the hook executes it does so with privileges (either sudo or root depending on how pacman is called) and it needs access to the save file. While there are ways to get the sudo user and access their home folder I'm not sure how I feel about a privileged process changing data in the users home directory. But using the group or sudo access feels like a cleaner solution to me.
While I personally wouldn't really be against a privileged process reading from and writing to a file inside my home directory (so long as my user is the files owner and can modify/delete it), I do agree with the argument about users logging in as root you made in the linked issue.
I was wondering if there is a specific reason why informant requires root privileges or membership in the
informant
group.AFAIK that command doesn't do any changes to the system. And since the displayed news are publicly available on the arch website, this seems like an odd choice to me.
If this is meant to protect admins against users maliciously reading the news (something I never thought I'd write 😅), wouldn't it be more desirable to keep the data in the users home directory (like PR #17 suggests)?
The text was updated successfully, but these errors were encountered: