[Users] Theme installation - couldn't create directory ?
Manfred Schmitt
claws at slashproc.org
Sat Apr 16 14:47:27 UTC 2022
Ralf Mardorf via Users wrote:
>
> >I hope no one runs claws as a super user and it seems to me (without
> >digging into the source) there is no logic to escalate the rights to
> >"root" via su, sudo or however this must be implemented in other OS?
>
> See above, it all depends on the permissions for the folder
> /usr/share/claws-mail/themes/.
>
Sure, but it's unlikely that a directory in /usr/share/ is not owned
by root:root, writable by another user and/or group?
Afaik that's only the case if the user has set those rights and in this
case the user could just copy the theme to /usr/share/claws-mail/themes/?
And setting those rights to anything different, atleast to me, seems
to be against best practice for system security (-> Principle of least
privilege).
According to FHS /usr should be read only by users (and I assume that
this also should be the case for all subdirectories therein).
I really do not see a use case where the question to install the
theme system wide makes any sense if there isn't also some logic for
privilege elevation implemented in the code.
But maybe that's just me or I'm missing something.
Also, from a usability point of view it's a little bit odd that (in most
cases, if /usr/share/claws-mail/themes/isn't wrtitable) one has to choose
no to install a theme ;-)
Yeah, the question displayed is nonetheless unambiguous -- for users which
are somewhat proficient in computer operation.
E.g. for my boss it is'nt self explainatory that installing a theme
for all users requires the permission to write in a system directory.
What's a system directory he would ask :-)
Bye,
Manne
More information about the Users
mailing list