Jon Nelson wrote:
On Wed, 24 Aug 2005, James Knott wrote:
Why should group members have access to my files by default. If I want to stop them I have to change the permissions to my directory.
I feel that this is the crux of the situation. Consider it "secure by default." If I recall properly, Debian could turn the per-user group concept on and off such that when on new users automatically got new groups of the same name and preferably UID==GID. It seems to me that there is no way that SuSE 10.0 is going to be able to be modified to make groups for each user when that user is created, but that is no reason not to try to get that behavior changed for the future.
What can be done, is change /etc/skel, so that group members don't automatically have access to other home directories. Also, as I mentioned, use Webmin to create new users, with their own group ID. I find it hard to believe that unique groups are not even an option with Yast, without going through extra steps for each user.