Re: Policy for use of Group Names
- To: "I. Forbes" <iforbes@zsd.co.za>
- Cc: debian-isp@lists.debian.org
- Subject: Re: Policy for use of Group Names
- From: "Jeremy C. Reed" <reed@wcug.wwu.edu>
- Date: Fri, 31 Mar 2000 11:32:43 -0800 (PST)
- Message-id: <Pine.LNX.3.96.1000331110745.16421D-100000@sloth>
- In-reply-to: <E12b28Y-0001eX-00@janus.localnet>
On Fri, 31 Mar 2000, I. Forbes wrote:
> adm:4:
can read /var/log files
> tty:x:5:
> disk:x:6:
> cdrom:x:24:
> floppy:x:25:
> tape:x:26:
use certain /dev devices
> staff:x:50:
miscellaneous files and directories like: /home/f/ and /usr/local/
> games:x:60:
I don't play games, but maybe for writing scores?
> nogroup:x:65534:
Nothing should be owned by nogroup. You may run something as nogroup. But
it should not have write access to anything. For some reason
/var/run/identd/ is nogroup on my system. I don't know why and I think
this may be wrong.
> Which files and directories allow access from these groups in a
> Debian installation?
I used "find / -group GROUP" to find the above.
> Would it make sense to add certain users to say "cdrom", "adm" or
> "staff" ? What rights would such a user be expected to gain from
> this?
Add some users to group adm so they can read log files for example.
Jeremy C. Reed
....................................................
BSD software, documentation, resources, news...
http://bsd.reedmedia.net
Reply to: