Les Mikesell wrote:
Lutz Lange wrote:
i was thinking about user creation and group administration. Every user
gets his own private group when he is created. And the motivation for
that is to avoid users sharing files with all other users to per default
right?
Not exactly. Having your own private group assigned from the start
makes it possible to use a default umask that gives group access to your
files without actually giving anyone else access yet. That means
when/if you do want to let someone else have access, you don't have to
go back and change the permissions on all your existing files and
directories.
...which means as soon as you save something to a setgid directory, you
just gave the world (or at least, some larger group) write permission to
your files. Personally I always considered umask 002 to be Evil. Better
to make it hard to intentionally grant others write for your files than
to make it easy to accidentally give write permission that you didn't
want to give.
If 'chmod g+w file;chgrp foo file' is too much work then there should be
a command that can do both.
--
Matthew
Please do not quote my e-mail address unobfuscated in message bodies.
--
When on POSIX, do as POSIX mandates.
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
