
Re: UPG and the default umask



On Tue, May 11, 2010 at 06:09:58PM -0700, Russ Allbery wrote:
> UPG without a umask of 002 is pointless.  One may as well just put all
> users in a users group.

Right, our default setup is a strange and basically meaningless blend of
two different approaches to user primary groups.

One approach would be for users to be in a shared group (typically
"users", but a project- or organization-specific group would also be
common) and would have a more restrictive default umask (probably 022,
or maybe something even more restrictive like 077).  Users can then share
files with other members of their primary group by granting access using
chmod.

The other approach is to use private groups, like we do in Debian, but
with a more permissive default umask (probably 002).  Collaboration is
then achieved by setting the setgid bit on a directory where the
collaborative work is being done.

Either of these approaches is OK.  Users' files are not writable by
anybody but that user unless explicit steps are taken.

Our default settings, however, break both of these approaches.  The
first doesn't work because the group permissions are effectively
meaningless, since there isn't anybody but the user in the group.  The
second is broken because the umask is too restrictive, so changing the
group ownership of a file doesn't accomplish anything.

It would be interesting to see the discussion that led to our current
default setup, if anybody feels like combing the archives...

noah
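The two setups the message contrasts, as an added example that is not part of the original thread: a setgid "project" directory, one file created under umask 022 (the mismatched default) and one under umask 002 (the consistent UPG setup). It assumes the current user's primary group stands in for the project group, since a second group may not be available where it runs.

```shell
#!/bin/sh
# Added example, not from the original message. Shows why a private primary
# group plus umask 022 grants nobody group access, while umask 002 plus a
# setgid shared directory does. Assumption: the user's own primary group
# plays the role of the shared project group.

# Print the 10-character mode string of a path, e.g. "-rw-r--r--".
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Create an empty file in $2 under umask $1 and print its mode string.
create_with_umask() {
    (umask "$1" && : > "$2/f_$1") || return 1
    mode_of "$2/f_$1"
}

# Create the collaborative directory with the setgid bit (mode 2775), so
# files created inside inherit its group rather than the creator's.
make_shared_dir() {
    mkdir -p "$1" && chmod 2775 "$1" && mode_of "$1"
}

# Succeed only if the mode string has the group-write bit (position 6) set.
group_writable() {
    case "$1" in
        ?????w????) return 0 ;;
        *) return 1 ;;
    esac
}

demo() {
    dir=$(mktemp -d) || return 1
    shared="$dir/project"
    make_shared_dir "$shared" >/dev/null
    # Debian default: private group + umask 022 -> "-rw-r--r--". Changing the
    # file's group would not let anyone else write to it.
    m022=$(create_with_umask 022 "$shared")
    # Consistent UPG setup: umask 002 -> "-rw-rw-r--", group-writable, and
    # owned by the directory's group because of the setgid bit.
    m002=$(create_with_umask 002 "$shared")
    printf 'umask 022: %s\numask 002: %s\n' "$m022" "$m002"
    rm -rf "$dir"
}
```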


