Support installing workloads in user folder
See original GitHub issueCurrently, workloads are installed in the dotnet root folder. We should also support installing them into a different, user-local folder. Benefits would include:
- Support source-built .NET.
- The fallback workaround for source-built .NET would involve manually extracting various packages to specific folders, and setting some environment variables to tell the .NET SDK to load workloads from those folders.
- Support installing workloads in Docker containers, where there are not permissions to write to the dotnet root folder
- Better support for .NET SDKs installed via a package manager such as rpm or apt. Currently we expect that you will be able to install workloads in this case via
sudo
, but it may be an anti-pattern to elevate permissions to write to a folder that is owned by a package manager.
However, we do need to make sure to consider the security implications of having a root-installed .NET SDK load workloads which are installed with non-root permissions.
It’s also possible that we want to represent workloads themselves as packages managed by rpm or apt. In this case we might not need to also support installing packages to user folders. (However, for this to work, we would need to be able to source-build all workloads available on Linux in order to make them available to source-built .NET as source-built packages).
Once we have settled on this as the right approach and reviewed the security implications, we should schedule this work as soon as we are able after the currently committed .NET 6 workloads work. The current estimate is 6.0.200 though we should start as soon as we can.
Issue Analytics
- State:
- Created 2 years ago
- Comments:15 (15 by maintainers)
FYI @tmds @omajid, I’ve filed this issue based on our discussion last week.
I think consuming the workloads from a user folder is as secure as consuming them from an administrator installed .NET root folder.
In both cases they are as trustworthy as the user.