Open HenrikBengtsson opened 2 years ago
Maybe this should/could also be discussed with the CRAN team?
It might potentially be helpful if this warning would include something like "indirectly through your 'admin' group membership". Not sure how to phrase this in a way that it is precise and short and understandable by the "average" rstats macOS user though as these usually do not know that UNIX groups are.
It might potentially be helpful if this warning would include something like "indirectly through your 'admin' group membership". Not sure how to phrase this in a way that it is precise and short and understandable by the "average" rstats macOS user though as these usually do not know that UNIX groups are.
So, from your https://twitter.com/pjs_228/status/1472324235230162946 comments, I now understand it as, most macOS users do not run as admin, but belongs to the admin
Unix group which has write permission to lots of system folders. Running as admin is a bigger problem than having access to admin
folders, but both are still problematic since they can wreak havoc on the system.
Ignoring what R itself could/should do for now, here in startup, I could also warn against write permissions in the system package library folder (rev(.libPaths())[1]
), e.g.
WARNING: You ('alice') have write permission to the system library
folder ('/home/hb/software/R-devel/R-4-1-branch/lib/R/library').
There is a risk that you might remove base R packages by mistake.
Also, you do not appear to have a personal package library set up,
which means that any package you install will be installed to the
system package library. For stability of R, it is often better to
install packages to a personal package library.
This can be tested for using:
file.access(rev(.libPaths())[1], mode = 2L)
/home/hb/software/R-devel/R-4-1-branch/lib/R/library
-1
Comment: Yes, I remove the write permission on the system library folder even when I install from source to my own home directory; this prevents me from mistakes and causes R to offer me a personal library folder (R_LIBS_USER
), which then becomes .libPaths()[1]
.
So, from your twitter.com/pjs_228/status/1472324235230162946 comments, I now understand it as, most macOS users do not run as admin, but belongs to the admin Unix group which has write permission to lots of system folders. Running as admin is a bigger problem than having access to admin folders, but both are still problematic since they can wreak havoc on the system.
Yes. I have not done research though yet if there is a practical difference between these two modes, i.e. if the admin
group has less permissions in the end than running with sudo
.
I could also warn against write permissions in the system package library folder
This seems like a great solution. The already existing {startup} messages have been good help for me in the past.
Comment: Yes, I remove the write permission on the system library folder even when I install from source to my own home directory; this prevents me from mistakes and causes R to offer me a personal library folder (R_LIBS_USER), which then becomes .libPaths()[1].
👍
Yes. I have not done research though yet if there is a practical difference between these two modes, i.e. if the
admin
group has less permissions in the end than running withsudo
.
I guess, for example, that you could remove another user's files on the same system if you run as admin, but you can probably not remove those files if run as a regular user (unless they're also in the admin
Unix group and give write permissions to that group).
I agree with you that, if this is the default behavior for all macOS users, the this might be something R itself should fix, but I don't know how yet. You said in your tweets that the files are ownred by root:admin
. Does that mean that the installer ran as "root", e.g. is explicit or implicit sudo
required to install R?
Add an argument and option, possible make it the default, that causes
startup::startup()
to generate a warning: