This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

'sweep' command installs itself into /usr/local and changes permissions, wreaking havoc on Homebrew

Sophos installs a sweep command into /usr/local/bin, and a few auxiliary files. Doing this, Sophos also changes ownership of /usr/local and several sub-directories. This wreaks havoc with Howebrew, which by default installs to /usr/local and expects it to be writable by the "main user". In general, /usr/local should not be used by non-user controlled installations.

A more polite way would be for Sophos to install its commands to /opt/sophos, and asking the user to and relevant paths if they wish to use the tools.



This thread was automatically locked due to age.
  • I have the same problem.  It appears Sophos changed permissions on a bunch of directories.  I ran this to undo the changes:

      sudo chown myusername:admin bin share share/man share/man/man1

    If this happens every time Sophos runs, that is going to get tedious quickly.

  • +1 to Simon's suggestion, and adding voice to his complaint. It's so invasive. There are soo many Homebrew users this impacts. Please fix it. Thanks.
  • Just another +1. This is terribly disruptive to my daily work.
  • Hey everyone,

    Just wanted to let you know, I've forwarded this feedback to our engineering team. I'll let you know what I hear back from them.

    Thanks for letting us know!

    Cheers,
    Serra
  • Yeah we've heard about this and we are planning to make a change in the near future (next few weeks) that will leave the permissions on directories alone if they exist (but set the reasonable values if we need to set them). Our own tools will always have restrictive permissions and ownership when installed.

    Curiously, Homebrew has a page about this that sort of suggests we are doing exactly what Apple is expected to be doing in their own updates. Anyone know if Homebrew plans a better strategy for /usr/local?

    ---

    Bob Cook (bob.cook@sophos.com) Senior Product Development Manager

  • I've just been bitten by this as well. I understand Sophos wants their tools running with restrictive permissions & ownership, but this just isn't affecting Homebrew, Sophos is trampling on anything the user has installed in these locations.
  • The purpose of /usr/local is to be used by the user, that's the convention and purpose of its existence.
    If Apple does it with their updates then Sophos shouldn't be trying to substitute itself to Apple anyway.
  • Bump. I've fixed all the warnings from `brew doctor` several times. I'm pretty sure this is the cause.
  • I just posted this on the forum sounds like the same problem? :I have a problem with about 200 imported image files that have _sophos listed as the Sharing & Permissions name. No idea how they got this but it means unless I change the permissions on all the files Aperture lists them as 'Unsupported Image Format'. If I select add a name to the permissions SophosEndpoint is listed as an option. SophosEndpoint is not listed in System preferences Users and Groups however. Sophos 9.4 Mac OS X 10.11
  • Hey everyone,

    Thanks again for all the feedback. Just wanted to let you all know that we're aware of this, and planning to fix it in a future release. I'll reply back when I have a specific timeline.

    Cheers,
    Serra