[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: UID and GID generation

On 2016-08-12 16:29, Martin Bammer wrote:
The issue now is when the same user names are added on different
machine in a different order. A very common example is a family where
each family member has it's own computer. So for example on computer A
the users are added in the order john, mary, dave. On computer B mary,
dave, john.
Now John buys an external drive for backups and data sharing and
formats it with ext4. Then John copies several private files to the
external drive. Then Mary wants to do the same on her computer, but
when she connects the external drive she can see John's files with
user and group mary and she has full access to these files. A very bad
design issue!

I waited for you to complain that this is not the case and that files can't be accessed, but you did it the other way around and complain that they can be. If you want to keep files private on external drives (or drives in general), you use encryption. POSIX file permissions and ACLs do not help you there as anyone with root (say, on their personal device like a laptop) can just look at all of the files anyway. That assumption is as true on Windows with NTFS, by the way (unless you use EFS, which people generally don't).

So my suggestion would be to change the default behavior of UID and
GID generation to hash value calculation.

I think that's a terrible idea. It does not solve the problem you are trying to solve and it creates even more of a mess with user and group IDs.

Kind regards
Philipp Kern

Reply to: