Date: Wed, 11 May 2005 14:33:30 -0400 From: Chuck Swiger <cswiger@mac.com> To: Lewis Thompson <lewiz@compsoc.man.ac.uk> Cc: freebsd-questions@freebsd.org Subject: Re: user owned groups Message-ID: <42824FFA.4080603@mac.com> In-Reply-To: <20050511174702.GA23222@noisy.compsoc.man.ac.uk> References: <20050511165506.GC10213@asu.edu> <428242D7.6040103@mac.com> <20050511174702.GA23222@noisy.compsoc.man.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Lewis Thompson wrote:
> On Wed, May 11, 2005 at 01:37:27PM -0400, Chuck Swiger wrote:
>> If all of the users have their default group be staff or some such, anyone
>> can change any file which is group-writable. If each user has their
>> default group be a unique group (with UID==GID), then users can safely use
>> a 002 umask, without worrying about their files being stolen or changed by
>> other users, and yet still use group accounts to work with other users when
>> they do want to share files with.
[ ... ]
> Can /home be configured so all files are created with permissions of
> 0600 (or 0700 for directories)? I use a umask of 77 but that's annoying
> when playing with files in other locations.
setgid on directories won't help, but maybe the behavior of the sticky bit is
what you are looking for? Is how stuff in /tmp handled OK permission-wise for
your expectations?
Otherwise, you only have one default umask. I'm not sure there is a sane way
of changing it depending on which directory you are currently in, but you
might try setting up an alias ("cd77", "cd22"?) which combines setting the
umask and cd'ing.
--
-Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42824FFA.4080603>