When I install applications like Android Studio or programs like Oracle JDK in home directory by extracting tar archives, after running the .sh file, they make changes on home directory such as making configuration files and folders. I want to know that can they access other system folders in my root directory and make changes in them?
They can, but the consensus is that they should not.
Installation from
tar.gzshould be of 2 kinds of installations. an installer or install script that offers using .../opt/as the installation path and then put everything except a symlink in/etc/to the binary in/opt/so a service gets started on boot. This one requiressudoand tends to be for larger projects (think jasperserver, a mysql from source) where more than 1 user use the software or where the software is a server./home/$USER/and a subdirectory in there named after the software where everything gets installed there. This one does not requiresudoand should not install anything outside of your home.When you use this kind of installation and the installer asks for your
sudopassword this is a red flag. You need to stop and investigate. List the installer on screen and check why it is asking for it. Or ask on AskUbuntu ;)I have yet to see software that did not follow this.
Only installers made for that specific OS (.DEB for Ubuntu/Debian, .RPM for Redhat etc.) should use the specific directories described in the Linux Filesystem Hierarchy.