[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Enforcing g+rwX permissions on shared files

also sprach martin f krafft <madduck@debian.org> [2015-04-20 15:32 +0200]:
> g+s on the directory (as well as the Samba "force directory mode"
> setting) do not affect existing files moved into the tree, which is
> what happens most of the time actually. ACLs also don't work, since
> they are ultimately governed by the group bits, which get
> interpreted as mask.

Forgot to mention umask too, which is no good. First, it also only
applies to new files; And second, it would only work if every user
would ensure the setting was locally active. And if you've ever
tried to implement e.g. a git-hook-based quality assurance policy,
you'll know that expecting all your users to ensure policy
compliance just doesn't work reliably.

 .''`.   martin f. krafft <madduck@d.o> @martinkrafft
: :'  :  proud Debian developer
`. `'`   http://people.debian.org/~madduck
  `-  Debian - when you have better things to do than fixing systems
"if english was good enough for jesus christ,
 it's good enough for us."
                               -- miriam ferguson, governor of texas

Attachment: digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)

Reply to: