Re: [opensuse-offtopic] Re: [opensuse] how to give files group rw permissions
Patrick Shanahan wrote:
* Dirk Gently<dirk.gently00@gmail.com> [02-14-12 18:24]:
Because when you use that same distro OUTSIDE of those two niches, you have a major security hole.
defaulting to rw-r--r-- much safer then rwxrwxr-x, the latter being an invitation for things to go wrong....very wrong.
For example, any legitimate user in group "user" being allowed to overwrite, remove, etc. files owned by anyone else in group "user".
The default umask is what it is based on 4 DECADES of experience, far beyond your small little single-user niche usage.
You haven't paid attention. The folder is a means to synchronize files between a group, read that as a group, of users. Lookup "dropbox".
the umask command applies to all files from the point that it is rune. Putting it in /etc/profile or /etc/bash.rc, for the creation of a single directory, would be, as they say, "wrong and stupid" -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 15/02/12 00:55, Dirk Gently wrote:
Patrick Shanahan wrote:
* Dirk Gently<dirk.gently00@gmail.com> [02-14-12 18:24]:
Because when you use that same distro OUTSIDE of those two niches, you have a major security hole.
defaulting to rw-r--r-- much safer then rwxrwxr-x, the latter being an invitation for things to go wrong....very wrong.
For example, any legitimate user in group "user" being allowed to overwrite, remove, etc. files owned by anyone else in group "user".
The default umask is what it is based on 4 DECADES of experience, far beyond your small little single-user niche usage.
You haven't paid attention. The folder is a means to synchronize files between a group, read that as a group, of users. Lookup "dropbox".
the umask command applies to all files from the point that it is rune.
Putting it in /etc/profile or /etc/bash.rc, for the creation of a single directory, would be, as they say, "wrong and stupid"
Hi I called the shared folder dropbox because I wanted it to be like dropbox.com, but on our LAN. The folder is quite safe as it is on a Kerberos mounted NFS4 share. Only group users with tickets are allowed in. Anders' mod gives --w-rw---- I'd say that's pretty impenetrable, and with the nfs squash, even root can't access it. L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (2)
-
Dirk Gently -
lynn