Default group

Wed Oct 17 21:34:17 UTC 2012

On 12-10-17 03:52 PM, John Moser wrote:
> 
> Let's first assume we have three users:
> 
> jkirk
> ksingh
> wriker
> 
> Now, let's say any of these wants to give any of the others access to
> his files in general (i.e. his $HOME).  Let's for our example say
> jkirk wants wriker to have access.
> 
> First, he must find the sysadmin.  The sysadmin must then put wriker
> in group jkirk.  Also, ~jkirk must be group-readable, as must any
> files.

In a default Ubuntu installation, jkirk's files are already accessible
to other users.

> 
> To do this without a sysadmin, the user must be sysadmin.  Either none
> or one of these users can do it all; or all of them can and then we're
> not dealing with any kind of document security.
> 
> With POSIX ACL instead AND AN INTERFACE FOR IT, jkirk simply
> right-clicks on his Home directory in Nautilus (Konqueror Thunar etc),
> hits Permissions, Add, puts in 'wriker' with 'read, access files
> inside directory'.  Since his files are all read-write by group
> (umask=002) instead of just readable (umask=022), this makes all his
> files writable by wriker, of course.  That's not the point here,
> HOWEVER it is a concern.
> 
> Notice this is simple, and the user can do it themselves.
>

A user can't change permissions on his $HOME by himself. Only a sysadmin
can.

> 
> 
> Someone raised shared directories and SGID.  When we get to SGID we've
> stepped slightly outside simple, but I'll allow it.
> 
> Let's say now jkirk wants to share specific files with wriker, and
> specific other files with ksingh.  Let's tackle ksingh first.
> 
> jkirk could put a directory in a shared location, with SGID,
> accessible by jkirk, and have the sysadmin give ksingh the jkirk
> group.  This would, of course, also allow ksingh into anything else
> accessible by jkirk's group--so if his home directory is open, or if
> he has a file shared with wriker by putting wriker in the jkirk group,
> those files are also accessible by ksingh as a matter of course.
> 
> Repeat:  those OTHER files are also accessible by ksingh as a matter of course.
> 
> Instead, ksingh could have jkirk put in the ksingh group; this creates
> the same problem for ksingh.
> 
> Next of course jkirk tries to create a shared directory to share some
> files with wriker, but of course that makes things complex.  Maybe
> wriker does it, but then he shares with ksingh, which means wriker has
> the same problem of jkirk getting files he wants to only share with
> ksingh, or jkirk must accept the problem of sharing files with ksingh
> when he only wants those files to go to wriker (and with wriker when
> he wants those files only to go to ksingh).
> 
> Then, everybody gives up and just uses e-mail to send files back and forth.
> 
> Instead, jkirk creates a directory to share with ksingh.  The
> directory is mode 700, owned by jkirk, and in the group 'users', and
> with the SGID bit set (so not mode 700, more mode 02700?  I forget
> what's SUID, SGID, and sticky, ok?).  He right clicks on it, hits
> Properties, Permissions, adds ksingh with rwx (remember X on
> directories is "access files inside").  When jkirk or ksingh creates
> files inside, they are read/write by group and automatically in the
> group 'users', so jkirk and ksingh can access all files in the
> directory.

This only works if the user default umask is 002, which wouldn't be the
case if you're not using User Private Groups.

Marc.