Public Directories

[Christofer C. Bell]

On 6/14/06, Ivan Krstic <krstic at fas.harvard.edu> wrote:
> Ryan Dean Bair wrote:
> > On my machine I have a folder /home/pub which uses ACLs to make it readable
> > and writeable by all users on the system, newly added content also remains
> > publically accessable. This works great for my wife and I to easily exchange
> > documents, and keep our picture collection accessable to both of us.
>
> Is this functionally different from how /tmp traditionally works on Unix
> systems via the sticky bit?

Not only that, one can still use the sticky bit without running mode 777:

$ sudo addgroup public
$ sudo mkdir -p /home/pub
$ sudo chgrp public /home/pub
$ sudo chmod 1770 /home/pub
$ sudo usermod -G public mywife
$ sudo usermod -G public myself
$ sudo usermod -G public myfriend

The above creates a new group named "public" and then creates a
directory named /home/pub with the following permissions: drwxrwx--t
(1770).  This is full access to the owner of the directory (root),
full access to folks in the directory's group (public), no access to
anyone else, and users must own a file contained in the directory
before they can delete it (sticky bit).

The last 3 commands add your wife, yourself, and an arbitrary friend
to the new group "public" so you can all access content in the
directory.  There's no need for the operating system to come with a
directory of this nature as creating directories of this type is part
of "standard Unix".

-- 
Chris

"I trust the Democrats to take away my money, which I can afford.  I
trust the Republicans to take away my freedom, which I cannot."