On Thu, 2009-02-26 at 17:55 -0800, Adam Williamson wrote:
>From doing some Googling, it seems Ubuntu have come up with an
alternative approach, which is for the installer not to wipe out /home
on an existing install...
https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2008-May/004210.html
You'd also need to not wipe out user accounts. But this seems like a
worthwhile feature. Windows can do something like it. (There you just
have to wipe out c:\windows...)
And now we start bikeshedding about implementation. Do we
whitelist /home and /etc/passwd|group and wipe out everything else, or
do we nuke a whitelist of known system directories? The latter is
probably safer. You probably want to save /usr/local too. What if users
have crap in /var/www/, or MySQL databases...
Our directory hierarchy (/var/ in particular) needs some serious
rethinking.