user owned groups

Chuck Swiger cswiger at mac.com
Wed May 11 11:33:41 PDT 2005


Lewis Thompson wrote:
> On Wed, May 11, 2005 at 01:37:27PM -0400, Chuck Swiger wrote:
>> If all of the users have their default group be staff or some such, anyone 
>> can change any file which is group-writable.  If each user has their 
>> default group be a unique group (with UID==GID), then users can safely use 
>> a 002 umask, without worrying about their files being stolen or changed by 
>> other users, and yet still use group accounts to work with other users when 
>> they do want to share files with.
[ ... ]
> Can /home be configured so all files are created with permissions of
> 0600 (or 0700 for directories)?  I use a umask of 77 but that's annoying
> when playing with files in other locations.

setgid on directories won't help, but maybe the behavior of the sticky bit is 
what you are looking for?  Is how stuff in /tmp handled OK permission-wise for 
your expectations?

Otherwise, you only have one default umask.  I'm not sure there is a sane way 
of changing it depending on which directory you are currently in, but you 
might try setting up an alias ("cd77", "cd22"?) which combines setting the 
umask and cd'ing.

-- 
-Chuck



More information about the freebsd-questions mailing list