Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 26 replies
  • Subscribers 10 subscribers
  • Views 100283 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

'sweep' command installs itself into /usr/local and changes permissions, wreaking havoc on Homebrew

SimonPercivall

Sophos installs a sweep command into /usr/local/bin, and a few auxiliary files. Doing this, Sophos also changes ownership of /usr/local and several sub-directories. This wreaks havoc with Howebrew, which by default installs to /usr/local and expects it to be writable by the "main user". In general, /usr/local should not be used by non-user controlled installations.

A more polite way would be for Sophos to install its commands to /opt/sophos, and asking the user to and relevant paths if they wish to use the tools.



This thread was automatically locked due to age.
Parents
  • 0
    Yeah we've heard about this and we are planning to make a change in the near future (next few weeks) that will leave the permissions on directories alone if they exist (but set the reasonable values if we need to set them). Our own tools will always have restrictive permissions and ownership when installed.

    Curiously, Homebrew has a page about this that sort of suggests we are doing exactly what Apple is expected to be doing in their own updates. Anyone know if Homebrew plans a better strategy for /usr/local?

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

  • 0 in reply to bobcook
    The purpose of /usr/local is to be used by the user, that's the convention and purpose of its existence.
    If Apple does it with their updates then Sophos shouldn't be trying to substitute itself to Apple anyway.
Reply Children
No Data
Unfiltered HTML