Hacker News
by Sanddancer 4159 days ago
Sudo and ACLs. There's a lot of power in there under the hood that a lot of people don't think of with these types of problems. For your specific use case, I'd start by creating a new user, something like $USER-npm-install. Next, I'd set ACLs on $HOME/.npm to allow write access with setfacl, something like setfacl -m u:$USER-npm-install:rwx $HOME/.npm .

For the actual script, I'd have it check to make sure that the current working directory is owned by you, then have it setfacl -m u:$USER-npm-install:rwx . to temporarily give the installer user access, then do sudo -u $USER-npm-install npm install Whatever . After it's done, I'd do sudo chown -R $USER . to get everything owned by you, and setfacl -m u:$USER-npm-install:--- . to revoke the permissions until needed for next time.

If my brain were suitably in gear, I'd give more than a 20,000-foot view of what needs to be done, but those are the basics. A lot of people think of sudo as just being something for getting to root, but it is rather useful for creating sandboxed users for potentially dangerous actions as well. Create a user with just enough privileges to do what needs to be done, and have fun.
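
Added example, not part of Sanddancer's comment: the per-install steps described above as a shell function that also revokes the ACL when npm fails. It assumes the $USER-npm-install account and the one-time ACL on $HOME/.npm already exist and that sudoers permits the two sudo calls; sandboxed_install, owned_by_me, run and DRY_RUN are names chosen here.

```shell
#!/bin/sh
# Added example, not from the original comment. Assumes: the account
# "$USER-npm-install" exists, the one-time ACL on ~/.npm is already set,
# sudoers allows both sudo calls below, and the filesystem supports ACLs.
# All function and variable names here are illustrative.

ME=${USER:-$(id -un)}
INSTALLER="${ME}-npm-install"
DRY_RUN=${DRY_RUN:-1}   # 1 = print the commands, 0 = execute them

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# True only for an existing directory owned by the invoking user.
owned_by_me() {
    [ -d "$1" ] && [ -O "$1" ]
}

sandboxed_install() {
    dir=$(pwd)
    if ! owned_by_me "$dir"; then
        echo "refusing: $dir is not owned by $ME" >&2
        return 1
    fi
    status=0
    # Temporarily let the installer user write to this directory.
    run setfacl -m "u:${INSTALLER}:rwx" "$dir"
    # Run npm as the unprivileged user; remember the exit code but keep
    # going, so the cleanup below happens even when the install fails.
    run sudo -u "$INSTALLER" npm install "$@" || status=$?
    # Hand the new files back to the real user, then revoke the access.
    run sudo chown -R "$ME" "$dir" || status=$?
    run setfacl -m "u:${INSTALLER}:---" "$dir" || status=$?
    return "$status"
}
```

After sourcing the file, run DRY_RUN=0 sandboxed_install <package> from the project directory; with the default DRY_RUN=1 it only prints the four commands it would run.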