Re: Private groups & umask 002 proposal
>
> I'm still waiting to see one worthwhile argument against my proposal.
> I don't expect to see one.
>
I noticed you ignored my argument, which you previously dismissed with
a handwaving without giving an adequate solution. My problem with
this proposal is that one loses one level of protection.
In the environment I work in, we have a policy which can be summarized
like this:
a) Other people in your working group can read, but not write, your
work files;
b) People not in your working group have no access.
The default umask is 026.
Under your scheme, one level of protections alias the other (uid alias
gid). Hence there is *no way* such a policy can be implemented; it is
not possible to separate the people with read access from the ones
with no access. This is a serious omission.
/hpa
--
INTERNET: hpa@nwu.edu FINGER/TALK: hpa@ahab.eecs.nwu.edu
IBM MAIL: I0050052 at IBMMAIL HAM RADIO: N9ITP or SM4TKN
FIDONET: 1:115/511 or 1:115/512 STORMNET: 181:294/101
WWW hyplan available at <http://www.eecs.nwu.edu:8001/hpa/plan.html>
Reply to: