Re: Policy for use of Group Names

To: "I. Forbes" <iforbes@zsd.co.za>
Cc: debian-isp@lists.debian.org
Subject: Re: Policy for use of Group Names
From: "Jeremy C. Reed" <reed@wcug.wwu.edu>
Date: Fri, 31 Mar 2000 11:32:43 -0800 (PST)
Message-id: <Pine.LNX.3.96.1000331110745.16421D-100000@sloth>
In-reply-to: <E12b28Y-0001eX-00@janus.localnet>

On Fri, 31 Mar 2000, I. Forbes wrote:

> adm:4:

can read /var/log files

> tty:x:5:
> disk:x:6:
> cdrom:x:24:
> floppy:x:25:
> tape:x:26:

use certain /dev devices

> staff:x:50:

miscellaneous files and directories like: /home/f/ and /usr/local/

> games:x:60:

I don't play games, but maybe for writing scores?

> nogroup:x:65534:

Nothing should be owned by nogroup. You may run something as nogroup. But
it should not have write access to anything. For some reason
/var/run/identd/ is nogroup on my system. I don't know why and I think
this may be wrong.

> Which files and directories allow access from these groups in a 
> Debian installation?

I used "find / -group GROUP" to find the above.

> Would it make sense to add certain users to say "cdrom", "adm" or 
> "staff" ?  What rights would such a user be expected to gain from 
> this?  

Add some users to group adm so they can read log files for example.

  Jeremy C. Reed
....................................................
     BSD software, documentation, resources, news...
     http://bsd.reedmedia.net

Reply to:

References:
- Policy for use of Group Names
  - From: "I. Forbes" <iforbes@zsd.co.za>

Prev by Date: Re: Policy for use of Group Names
Previous by thread: Re: Policy for use of Group Names
Index(es):
- Date
- Thread