[opensuse] What happened to the $username group?
Much to my surprise I found out that openSUSE doesn't create a group by default with the same name as the username. For example in Gentoo creating the user 'aniruddha' also creates the group 'aniruddha'. This a long time tradition to solve problems caused by using using the 'users' group for home folders. What is the reason openSUSE doesn't create a $username group for each user? -- Regards, Aniruddha Please adhere to the OpenSUSE_mailing_list_netiquette http://en.opensuse.org/OpenSUSE_mailing_list_netiquette -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Aniruddha wrote:
never did. the reason to create such group is controversial (I don't have the link to the discussion, though) jdd -- http://www.dodin.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
jdd wrote:
Why not make it an option? Or at least change the default permissions, so that users don't have access to other home directories? -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
Why not make it an option? Or at least change the default permissions, so that users don't have access to other home directories?
one should first find the hole discussion. There are pros and cons. usually one wants the othger users to ba able to read part of his account if not there are several security levels in suse, use a harder one and there are no more such problems jdd -- http://www.dodin.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, Oct 15, 2007 at 07:04:45PM +0200, jdd wrote:
Yes, part, but not everything. ;-) Not wanting to restart the discussion, I think it would be nice to have a default place for shared content and real privacy for home. e.g. /home closed as much as possible, so only for users. Then something like /share/ that can be used by different people where you put you music and movies. houghi -- To have a nice mailinglist experience, follow the guidelines below:
Aniruddha wrote:
I mentioned this a while ago and while it isn't a severe problem if the permissions are set correct, they're not in SUSE. As default, anyone in the users group has access to everyone else's home directory. Either change the group or change the permissions to prevent that. I agree that individual groups should at least be an option in SUSE. You may want to change the default permissions, if you don't create individual groups. -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Benji Weber wrote:
Currently, with the default configuration users can access other users home directories. At least that was the case up to 10.2. -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 10/15/07, James Knott <james.knott@rogers.com> wrote:
What is the reason openSUSE doesn't create a $username group for each user?
What benefit does it give, that we don't have with ACLs already?
Currently, with the default configuration users can access other users home directories. At least that was the case up to 10.2.
So we advise users to put their 'private' stuff in Document folder which is not accessible by other users, that and ACL/Right click remove group permissions takes care of any issues users might have about others peeking in their folders. -J -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Aniruddha wrote:
never did. the reason to create such group is controversial (I don't have the link to the discussion, though) jdd -- http://www.dodin.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
jdd wrote:
Why not make it an option? Or at least change the default permissions, so that users don't have access to other home directories? -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
Why not make it an option? Or at least change the default permissions, so that users don't have access to other home directories?
one should first find the hole discussion. There are pros and cons. usually one wants the othger users to ba able to read part of his account if not there are several security levels in suse, use a harder one and there are no more such problems jdd -- http://www.dodin.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, Oct 15, 2007 at 07:04:45PM +0200, jdd wrote:
Yes, part, but not everything. ;-) Not wanting to restart the discussion, I think it would be nice to have a default place for shared content and real privacy for home. e.g. /home closed as much as possible, so only for users. Then something like /share/ that can be used by different people where you put you music and movies. houghi -- To have a nice mailinglist experience, follow the guidelines below:
Aniruddha wrote:
I mentioned this a while ago and while it isn't a severe problem if the permissions are set correct, they're not in SUSE. As default, anyone in the users group has access to everyone else's home directory. Either change the group or change the permissions to prevent that. I agree that individual groups should at least be an option in SUSE. You may want to change the default permissions, if you don't create individual groups. -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (7)
-
Aniruddha -
Benji Weber -
CyberOrg -
houghi -
James Knott -
jdd -
Marcus Meissner