Are there any conventions about setting up ownership and permissions on programs installed to /usr/local? For example, I have Firefox installed into /usr/local/firefox. Is there any disadvantage to setting ownership to a (the) regular user? Would there be any disadvantage to setting ownership to root?

I was able to run Firefox after assigning ownership of both the executable firefox, and the firefox libraries (*.so files), to the regular user. This can't work (I don't think?) on a multiuser system, though, so I wonder what the conventions are. I also wonder whether there are problems that I might not notice right away.

Thanks in advance.
--Erika

If for example a particular user owns /usr/local/firefox/firefox-bin, he can modify firefox-bin so that its trojaned, then when other users(or in the worst case root) executes it bad things can happen.
Normal users shouldn't own any system-wide binaries at all.
Firefox should be able to work with any user when it's files are owned as root with proper permissions set.

The /usr/local directories are only writable by root. Unless a program or library has a special owner setup by the installation, the owner will be root. Nothing would be gained by changing it.

Hi, and welcome to LQ!


The "problem" isn't as much a problem of the
ownership (even though files in global locations
would typically be owned by root since normal
users don't have write-permissions to those direc-
tories) but rather of permissions ...
if the files (executables & libraries) are set to
u=rwx,go=rx and u=rw,go=r respectively the
normal user is (should be) able to run the app.


Cheers,
Tink

Thanks

There are no other users on this PC, that I am aware of. So, I am indifferent to the program's owner for maintenance purposes. I can always switch to root. But, clearly it is important that any programs I run as the regular user not be able to modify themselves or other programs. So I'll keep installing things as root.

Incidentally, this problem came about when I downloaded and installed Firefox. Made the firefox directory user-owned to download the installer there, and just installed on the user account also. In the future I will download to user directory, the log in as root to install.

--Erika

You could 'su' to root instead. For KDE programs, there is kdesu.

The firefox installation was a bit goofy in my opinion. I changed the name of the directory from 'firefox-install' to 'firefox' in the installation program dialog. I also produced links to the 'firefox' and maybe the 'firefox.bin' files in the /usr/bin dir.

A previous installation of firefox installed much more smothly for me.