Re: [SLE] more on umask
From: James Knott (james.knott_at_rogers.com)
Date: Thu, 25 Aug 2005 08:21:51 -0400 To: firstname.lastname@example.org
Randall R Schulz wrote:
> On Wednesday 24 August 2005 10:44, James Knott wrote:
>>If you want to share files with the group, create a directory for
>>that group and every member of that group has access to that shared
>>directory. A user shouldn't have to take action, to keep others out
>>of his home directory.
> The validity of that claim rests solely on the assumptions you make
> about the relationships between the users of the system in question.
Well, for my own personal computers, there's no problem. But what about
a family system, where mom & dad might not want all there files
available to the kids? What about at work, where the home directory is
mounted from a server? Should the manager's or HR files be available to
>>As an experiment, create another user on your system and create a
>>text document in the home directory for that user. Then, log in as
>>yourself and try reading that file. Then log in as that other user
>>and try accessing files in your home directory. Tell me again about
>>the security of that setup.
> That so-called "experiment" is not controlled and will tell the person
> who conducts it only about the incidental aspects of their local
> configuration, not about anything universal to the use of groups and
What it was intended to show, is that in the default SuSE configuration,
any user can read another's home directory. Nothing more.
-- Check the headers for your unsubscription address For additional commands send e-mail to email@example.com Also check the archives at http://lists.suse.com Please read the FAQs: firstname.lastname@example.org