[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: user private groups and a src group

Carlos (carlos@snfep1.if.usp.br) writes:
> First, assuming the proposed scheme, I strongly prefer mounting with
> bsd semantics, instead of setting the sgid bit.

Yes but why?  Ian and I have given some good reasons for using the
setgid scheme.
> Secondly, I don't think /usr/src or anything in /usr should have it,
> because /usr cannot normally be written to.

This scheme does not change anyones ability to write or not write
_anywhere_, (without editing /etc/group as well).  So restricting
to a certain set of directories doesn't make that much sense.
> However, I don't really see a big advantage in the new scheme for a
> simple reason: I don't see why a group project would be in anybody's
> home directory. It seems to me that it'd rather be under a "project"
> user, and this directory would have write permission for the group,
> with people involved in the project belonging to the group.

You would have a new account for each group, rather than (or as well as?)
a new group for each group?  Ugh.  And why restrict where people put
their project files?

Anyway the main point has also been dealt with, in Ian Jackson's original
proposal.  Here it is again: (my version, not paraphrased from Ian)
	IF we take this route then we must do it for everyone,
_from the start_, or the main advantages of the scheme will be
lost; the whole point of the scheme is to avoid newgrp,umask and
chmod.  If we require users to use the above commands for some
directories and not for others then we introduce confusion.

	-Matt Hannigan

Reply to: