On 2018-08-28 13:39, Dave Page wrote:
<snip>
> I did;
>
> *==>** The following existing directories will be made group writable:*
>
> /usr/local/bin
>
> /usr/local/lib
>
> /usr/local/share
>
> /usr/local/var
>
> *==>** The following existing directories will have their owner set to
> *
> *dpage*:
>
> /usr/local/bin
>
> /usr/local/lib
>
> /usr/local/share
>
> /usr/local/var
>
> *==>** The following existing directories will have their group set to
> *
> *admin*:
>
> /usr/local/bin
>
> /usr/local/lib
>
> /usr/local/share
>
> /usr/local/var
>
> I would rather we don't list a distro, than list one that we have to
> put
> security warnings against.
Isn't OSX/macOS considered a "single user" system for the vast majority
of its users?
Note - I'm meaning "single person has access to the machine", rather
than talking about the process separation model.
For a single user machine, the above setup doesn't seem terrible. It's
not giving world writeable access, it's just claiming ownership of
otherwise unused directories for the main users group.
?
Anyone using OSX/macOS in multi-user fashion is probably going to hit
other issues too (eg other people's apps in /Applications), and probably
:) avoids Homebrew.
+ Justin