Re: Setgid Directories
Bill Mitchell wrote in part
> I was talking about someone who installs debian who does something like
> "ls -ld /*", and sees lots of "drwxr-sr-x" permissions.
>
> That person then wonders, "Why on earth are the sgid bits set on all those
> directories???
Well actually they'd see lots of drwxrwsr-x permissions i.e. write
permissions for group and they'd be more concerned about that. (until
they checked the group ownership and who was in that group)
(I'm still strongly in favour of it, though)
iwj10@cus.cam.ac.uk (Ian Jackso writes) in part
> Even if there were many such people, a quick "I wonder why they did it
> like that, oh well it seems to work right ..." is hardly confusion.
>
> He also makes the point that I had to explain my proposal here on this
> list, presumably to demonstrate that all the users need to see my
> explanation as well.
>
> However, this list is intended (I believe) for discussion of what
> should be done with Debian, in various respects. It is clearly
> necessary to explain the proposal to people who are being asked to
> make a decision.
>
> The individual users of debian aren't being asked to make this
> decision, and don't even need to know that it has been made for them.
That's a little unfair -- I think there will legitimate
"please explains".
> BTW, the fact that I had to explain what the setgid bit did (rather
> than people trying it out for themselves), and that some people still
> haven't twigged, reflects poorly on the experience of some members of
> this list, I think.
Some (many?) users _will_ want to know, so I think an explanation
is in order. Merely reading the relevant man pages will typically
not be enough for the average user.
The fact that some of the readers of this list required an
explanation is an argument _for_ including an explanation
somewhere in the debian docs. Presumably those reading this list
are more unix-clueful than your average unix/linux user.
--
-Matt Hannigan
PS. I volunteer to write this part for the Debian FAQ, if required.
Reply to: