
Re: UPG and the default umask



On 5/10/2010 11:24 AM, Drake Wilson wrote:
> FWIW (which is probably vanishingly little), I find that dealing with
> significant group or even inter-user interactions on Unix machines
> eventually gets nearly impossible in the absence of full POSIX ACL
> support.  Modern Debian supports this well with a suitable filesystem
> on the backend, though depending on your interop requirements there
> may be other problems.

I have no problems with FACLs, except they add complexity and
administration to the filesystem. They're difficult to maintain when
multiple groups and users are involved. When scattered about the
filesystem, it's not trivial to remove ACL permissions when users or
groups are removed from the system. Making the default umask '0002'
system-wide on a base install, however, is extremely trivial. Having the
administrator then set FACLs as appropriate can be at their discretion
without getting in the way.

> I regularly set my personal umask to 0077 because I find accidentally
> creating files that other users can snoop on to be more dangerous than
> having to chmod files after the fact.  Conversely, setting default
> ACLs is one of the first things I do when setting up collaboration
> directories.

FACLs on collaborative project directories and files are almost a
necessity, and I understand the security of changing your umask to
something more tight on multi-user systems. And if the umask switches
the other direction to '0077' in the name of security, I don't see any
problems there. However, leaving it at '0022' is just historical
baggage, and there's no good reason to leave it there.

-- 
. O .   O . O   . . O   O . .   . O .
. . O   . O O   O . O   . O O   . . O
O O O   . O .   . O O   O O .   O O O

Attachment: signature.asc
Description: OpenPGP digital signature
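
The cleanup problem raised in the message above (ACL entries left scattered around the filesystem after a user or group is removed) can be audited from `getfacl -R` output, because getfacl prints the bare numeric ID when a name no longer resolves. The following is an added example, not part of the original message; the paths, the name `alice` and the IDs 1004 and 1009 are constructed sample data.

```shell
#!/bin/sh
# Added example: list ACL entries whose user or group no longer resolves.
# Reads `getfacl -R <dir>` output on stdin (do not pass -n, which makes every
# qualifier numeric). Assumption: no account names consist only of digits.
orphaned_acl_entries() {
    awk '
        /^# file: / { path = substr($0, 9); next }   # remember the current path
        /^#/ || /^$/ { next }                        # other headers, blank separators
        {
            split($1, f, ":")                        # $1 drops any "#effective:" comment
            i = (f[1] == "default") ? 2 : 1          # skip the default: prefix
            if ((f[i] == "user" || f[i] == "group") && f[i + 1] ~ /^[0-9]+$/)
                printf "%s\t%s\n", path, $1
        }
    '
}

# Constructed sample of `getfacl -R srv/projects` output: uid 1004 and
# gid 1009 belonged to accounts that have since been deleted.
sample_getfacl_output() {
    cat <<'EOF'
# file: srv/projects/alpha
# owner: root
# group: alpha
user::rwx
user:alice:rwx
user:1004:rwx
group::rwx
group:1009:r-x
mask::rwx
other::---
default:user::rwx
default:user:1004:rwx
default:group::rwx
default:mask::rwx
default:other::---

# file: srv/projects/alpha/notes.txt
# owner: alice
# group: alpha
user::rw-
user:alice:rw-
user:1004:rw-   #effective:r--
group::r--
mask::r--
other::---
EOF
}

sample_getfacl_output | orphaned_acl_entries
```

Each reported line is a path and the stale entry on it, which can then be reviewed and dropped with `setfacl -x`.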

