I have written a small graphical tool that saves scanned documents in the users home directory. 3 people use this computer / scanner. How should I configure INSANED_USER / INSANED_GROUP ?
Insaned will run event scripts using given user and group and therefore create image files owned by this user and group. Things to consider:
INSANED_USER should be able to use the scanner (in some distros it could e.g. mean he should be in "scanner" group)
Some event scripts (file, scan) use $HOME as the default directory to put images into, $HOME will obviously be the home directory of INSANED_USER
INSANED_USER should have the permissions to write into the output directory you choose to put the scanned files into
All 3 users should have permissions to read (and possibly write if you need to) files owned by INSANED_USER and INSANED_GROUP (e.g. they could be added into INSANED_GROUP or you could use some common group like "users")
You could in principle also keep root/root if created files are world-readable (depends on system configuration)
If you give somebody permissions to edit event scripts, he will basically be able to run arbitrary code with the permissions of INSANED_USER, which might be a security risk
I have written a small graphical tool that saves scanned documents in the users home directory. 3 people use this computer / scanner. How should I configure INSANED_USER / INSANED_GROUP ?