[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: user private groups and a src group

iwj10@cus.cam.ac.uk said:

> Bill Mitchell says:
> > [ re making almost every directory setgid ]
> > 
> > And all of this will of course come as a complete suprise to debian
> > installers/users  who have not been party to this discussion.  They'll
> > need to be clued in about it, or it'll cause lots of confusion for them.
> What on earth are you talking about ?  What confusion ?
> They need never know.  If they want to know what setgid on a directory
> does they can RTFM and see that it does what they want (err, I need to
> edit open(2) to reflect this - it appears to have been written before
> this feature appeared in Linux ...)

I was talking about someone who installs debian who does something like
"ls -ld /*", and sees lots of "drwxr-sr-x" permissions.

That person then wonders, "Why on earth are the sgid bits set on all those
directories???  Joe's Slackware linux system doesn't have these sgid bits
set.  The unix system I use at work doesn't have all those sgid bits set.
Gee, I wonder why debian linux has all those sgid bits set.  What's with
debian, anyhow?????"

Of course, that person would not have seen the article you posted to this
mailing list a few days ago, where you said:

+ As I'm the one who originally brought up the scheme, I'll summarise
+ what I propose (at the cost of repeating some things that have already
+ been said):
+   1. Each user gets their own private group.  Their gid = their uid
+      and their group name is the same as their username.
+   2. Each user is also a member of any additional "project" groups of
+      which they need to be members.
+   3. Both user home directories and project directories are mode 2775
+      or 2770 and owned by the appropriate group.  On project
+      directories the user ownership doesn't matter.  (2775 = drwxrwsr-x)
+      This ensures that new files or directories created there will
+      inherit both the correct group ownership and the setgid bit.
+   4. The default umask is 002; if users and/or projects want to keep
+      their files secret as well as safe they should chmod the
+      appropriate directories to 2771 or 2770 (drwxrws--x or drwxrws---).

So he wouldn't be aware of this reasoning in the background, which you were
moved to explain so carefully on the list after this suggestion provoked so
much back & forth discussion and questions about what it was intended to

That's what on earth I was talking about, and that's the information I meant
debian installers/users would need to be clued in about.  I don't think that
simply saying, "they'll never notice it, and if they do notice it it's
up to them to figure out on their own why we did it" is a workable approach.

Not to mention, of course, my followup point about needing to make this
scheme easily turn-offable if debian adopts it, in order to avoid alienating
potential users who will be opposed to it on religious grounds.  We've seen
several article from people holding such religious views on this list lately.

Reply to: