Username & groups
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Sat Apr 19 16:33:56 UTC 2008
prad <prad at towardsfreedom.com> writes:
> On Thu, 17 Apr 2008 10:00:24 -0400
> Jon Radel <jon at radel.com> wrote:
>
>> Other things being equal, it's better
>> to have all users use their own login group and then add them to
>> additional groups as appropriate.
>>
> jon,
>
> i have always been curious about this. why is it better for a user to
> be in his own group? on slackware i recall users all went into the
> users group.
>
> one benefit i can see is that if a user has his own group then you
> can effectively give others access to certain files by adding them to
> that users group.
>
> are there other reasons?
>From adduser(8):
Perhaps you are missing what can be done with this scheme that falls
apart with most other schemes. With each user in their own group, they
can safely run with a umask of 002 instead of the usual 022 and create
files in their home directory without worrying about others being able to
change them.
For a shared area you create a separate UID/GID (like cvs or ncvs on
freefall), you place each person that should be able to access this area
into that new group.
This model of UID/GID administration allows far greater flexibility than
lumping users into groups and having to muck with the umask when working
in a shared area.
More information about the freebsd-questions
mailing list