On 2016-08-12 16:29, Martin Bammer wrote:
> The issue now is when the same user names are added on different machines in a different order. A very common example is a family where each family member has its own computer. So for example on computer A the users are added in the order john, mary, dave. On computer B mary, dave, john. Now John buys an external drive for backups and data sharing and formats it with ext4. Then John copies several private files to the external drive. Then Mary wants to do the same on her computer, but when she connects the external drive she can see John's files with user and group mary and she has full access to these files. A very bad design issue!
I waited for you to complain that this is not the case and that files can't be accessed, but you did it the other way around and complain that they can be. If you want to keep files private on external drives (or drives in general), you use encryption. POSIX file permissions and ACLs do not help you there as anyone with root (say, on their personal device like a laptop) can just look at all of the files anyway. That assumption is as true on Windows with NTFS, by the way (unless you use EFS, which people generally don't).
> So my suggestion would be to change the default behavior of UID and GID generation to hash value calculation.
I think that's a terrible idea. It does not solve the problem you are trying to solve and it creates even more of a mess with user and group IDs.
Kind regards
Philipp Kern
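
The scenario from the quoted message, as an added example that is not part of the original thread: ext4 stores only the numeric UID and GID in each inode, so the name shown for a file comes from whichever machine mounts the drive. The passwd contents below are constructed, and the assumption is that regular users start at UID 1000 and are numbered in creation order.

```python
# Added example: compare two machines' passwd data and report UIDs that
# resolve to different user names. All sample data is constructed.
UID_MIN = 1000  # assumption: first UID handed out to regular users

PASSWD_A = """\
root:x:0:0:root:/root:/bin/bash
john:x:1000:1000:John:/home/john:/bin/bash
mary:x:1001:1001:Mary:/home/mary:/bin/bash
dave:x:1002:1002:Dave:/home/dave:/bin/bash
"""
PASSWD_B = """\
root:x:0:0:root:/root:/bin/bash
mary:x:1000:1000:Mary:/home/mary:/bin/bash
dave:x:1001:1001:Dave:/home/dave:/bin/bash
john:x:1002:1002:John:/home/john:/bin/bash
"""

def parse_passwd(text):
    """Return {uid: name} for regular users from passwd(5)-format text."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if line.startswith("#") or len(fields) < 7:
            continue  # skip comments and malformed entries
        try:
            uid = int(fields[2])
        except ValueError:
            continue
        if uid >= UID_MIN:
            users.setdefault(uid, fields[0])  # first entry wins, as in lookups
    return users

def uid_mismatches(a, b):
    """Return [(uid, name_on_a, name_on_b)] where one UID names two users."""
    return sorted((u, a[u], b[u]) for u in a.keys() & b.keys() if a[u] != b[u])

def seen_as(owner, origin, viewer):
    """Name the viewer machine shows for a file `owner` created on origin."""
    uid = {name: u for u, name in origin.items()}[owner]
    return viewer.get(uid, str(uid))  # unknown UIDs are shown numerically

if __name__ == "__main__":
    a, b = parse_passwd(PASSWD_A), parse_passwd(PASSWD_B)
    for uid, on_a, on_b in uid_mismatches(a, b):
        print(f"uid {uid}: {on_a} on A, {on_b} on B")
    print("john's files on B appear owned by:", seen_as("john", a, b))
```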