Re: Bug#80343: general: Lack of policy on which files should be owned by which user
On Tue, Dec 26, 2000 at 12:38:28PM +0200, Eray Ozkural (exa) wrote:
> I always thought it was a paranoid kind of security "feature"
> in Debian. I might be wrong of course.
>
> How does giving every user his own group makes it easier for
> him to share files without system administrator's intervention?
> I couldn't guite get it, sorry I just woke up but I simply
> don't understand it. A small example?
Sure. Let's say you have a pair of users, Jose and HoseB,
each with home directories in /home, with a single-user group each.
They have some confidential files which they keep in their home
directories and want to hide from each other.
They also work on a project together, in /project. They have another
group, which they both belong to, and all the files in /project
use that GID. There are other users on the system who are not
working on the project and who should not be able to look at
/project.
Jose and HoseB can set their umask to allow group read/write by
default. When they write to their home directories, the files
belong to their individual user groups, so nobody else can read
them. When they write in /project, the files belong to the project
group, so they can both read them. And nobody except Jose and HoseB
can read the files in /project either, because they're not world
read/writable.
Now, imagine if Jose and HoseB shared a 'users' group, which
their home directories used, as well as the project group. When
they write to their home directories, their files end up
group read/writeable to all users!
Or if they set their umask to allow user read/write only, then
they end up with files in /project which the other person
can't read. They have to remember to fix file permissions all the time.
This is a big nuisance. I spent months working on a project with
a shared directory without individual user groups. Worse yet, you
can end up with a CVS repository full of files with user-only
permissions (using a local CVS repositor, rather than remote).
Of course this is not an issue if (a) you never need to share
files with a subset of users (use world read/write), or (b) you never
need to share files at all (user read/write only).
> It populates the groups? I want only meaningful groups there.
Per-user groups are very meaningful, and are a good demonstration
of why Debian is a superior OS to many others.
Regards,
Hamish
--
Hamish Moffatt VK3SB <hamish@debian.org> <hamish@cloud.net.au>
Reply to: