User privacy

Robert Heller heller at deepsoft.com
Tue Feb 16 17:21:23 UTC 2021 

At Tue, 16 Feb 2021 15:54:15 +0000 "Ubuntu user technical support, not for general discussions" <ubuntu-users at lists.ubuntu.com> wrote:

> 
> Content-Type: text/plain
> 
> On Tue, Feb 16, 2021 at 04:35:57PM +0100, Volker Wysk wrote:
> > Am Dienstag, den 16.02.2021, 23:23 +0800 schrieb Bret Busby:
> > > On 16/02/2021, Volker Wysk <post at volker-wysk.de> wrote:
> > > > Hi
> > > > 
> > > > Am Dienstag, den 16.02.2021, 14:18 +0000 schrieb Ian Bruntlett:
> > > > > Hi,
> > > > > 
> > > > > I'm sorting out an existing Lubuntu 18.04 laptop for a mother and
> > > > > daughter. At the moment when I run umask I get the result "0002" which I
> > > > > believe means that different users can read each other's files in their
> > > > > $HOME directories. They want to stop each other from reading their files.
> > > > > 
> > > > > Now I have a rough idea on how to arrange this. I believe a different
> > > > > umask value has to be specified however I don't know:-
> > > > > * What value of umask to use
> > > > > * Where to set that value so that it is set as the default on
> > > > > bootup/login.
> > > > 
> > > > You don't need to touch the umask. Just delete the permissions for "others"
> > > > on the home directories:
> > > > 
> > > > chmod o-rwx /home/HOMEDIR1
> > > > chmod o-rwx /home/HOMEDIR2
> > > > 
> > > > Bye,Volker
> > > > 
> > > 
> > > Is it "others" or "group"?
> > > 
> > > I preferred it when it was numbers; the 777 system, so, for example,
> > > chmod 007
> > 
> > It's "others". Each user should have its own private group with the same
> > name as the user name and only that user in it. So the group ownership or
> > permissions should not be a problem.
> > 
> It always seems to be a rather strange default set-up to configure
> every new user to have a group of their own.  It makes the whole idea
> of groups in permissions rather redundant!

Back in the olden days of UNIX on "mainframes" with lots of RS232 ports and
multiple actual users, users will be in groups (with a defauly group "users")
that match what real life "group" they were part of: eg all of the students
might be in a group "students" and all of the professors might be in a group
faculty. Or maybe each research group would have a group. Or something like
that. These days, with single user workstations, the *default* is to create a
group for that one user. This is just the default behaviour of the installer
and can be overridden after the fact, if it makes sense -- eg if you were 
setting a shared workstation or a server with multiple logins or something.

Oh, there are other "groups" for things like I/O devices, where permissions 
might be granted (or not).

> 
> It *may* be a good idea to configure things so that, by default, files
> don't have group read permission (i.e. umask 002, I *think*) but one
> often *does* want to share files for reading and that requires that
> users belong to some common groups.  They can then set group read
> permission on files they want to share.
> 

-- 
Robert Heller             -- 978-544-6933
Deepwoods Software        -- Custom Software Services
http://www.deepsoft.com/  -- Linux Administration Services
heller at deepsoft.com       -- Webhosting Services

More information about the ubuntu-users mailing list