On Tue, Apr 3, 2012 at 3:27 PM, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote: > Tim: >>> It always struck me that personal files ought to have no group or >>> world permissions set by default. If you wanted your files to have >>> those extra permission set, then it ought to be done as a deliberate >>> choice. >> > Joel Rees: >> Maybe "user-id" is mis-named. There are sure a lot of people who tend >> to see "user-id" and expect the one-to-one correspondence. I know the >> conflation caused me some frustration back in college, and I'm not In case it helps: http://dictionary.reference.com/browse/conflation >> sure I got it properly worked out until I put together a few openbsd >> systems. > > I don't see any reason why it should be anything else, and that it's > more of a conflagration to try and do it any other way. Well, there is a reason some people don't want universal ID, for example. It's a lot broader topic than you may want to believe. It's similar to the reason your httpd and ftpd (ntpd, nfs daemon, database daemons, etc.) are operating as separate users, and are run by yet another daemon operating as yet another user. > Sure, there's /some/ added security in separated accounts for different > activities, and some added privacy s/some/a lot of/ if you set it up right. > (just recently it's become even more > annoying how if you've logged into one service, you suddenly find that > other things you're looking at have you "logged in as a user" rather > than an anonymous browser). Not a particularly recent phenomenon. > But there's a lot of mess in when you need > to be able to bridge between those different accounts (read and write to > the files you saved in the other account). Unless you have per-user groups and set the permissions right, in which case it becomes a small, non-repetitive matter of navigation. > And if you make that dead > easy to do, you've negated the point of using different accounts. And sudoers.d, of course. Otherwise, I'd have to say s/some/no/ above. > And I certainly don't want to log in three times over, how ever you > organise it, to read my email, browse web pages (related, or not, to the > email I'm reading), write in a word processor (which may involve > browsing some webpages, and copying and pasting), simultaneously. I don't log in as three separate users to surf, mail, and work. Just one. "xhost local:<subuser-id>; sudo -u <subuser-id>" does pretty well with current applications. Now, if I'm going to my bank site, I do log out and log in as a different user, just to be extra safe. If I have to start shopping on line, I'm going to have to re-examine my setup. Unfortunately, shopping sites don't seem to understand that a person might want to remain anonymous while filling his or her basket, until the point where money has to be paid. I'll probably set up a shopping login account, with child accounts for different on-line stores, or perhaps different classes of stores. -- Joel Rees -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
