[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Sticky premissions.
- To: Adi Stav <stav(at-nospam)actcom.co.il>
- Subject: Re: Sticky premissions.
- From: guy keren <choo(at-nospam)actcom.co.il>
- Date: Tue, 23 Oct 2001 10:57:08 +0200 (EET)
- cc: Linux-IL <linux-il(at-nospam)linux.org.il>
- Delivered-To: linux.org.il-linux-il@linux.org.il
- In-Reply-To: <20011023130950.C20095@wilma.stav>
- Sender: linux-il-bounce(at-nospam)cs.huji.ac.il
On Tue, 23 Oct 2001, Adi Stav wrote:
> > in any event, you just gave me another idea for what could be achived with
> > 'syscall parameter rewriting' - a good thing for syscalltrack ;) (once it
> > supports syscall paramerter rewriting).
>
> What for? This is policy in the kernel, overwriting explicit user
> choices in order to achieve ends that can be reached through other
> means. If a sysadmin has SGID directories, all they need to do is to
> to set the default umask to 002.
because i don't WANT to set umask to '002'. i always set it to '077', in
fact, on multi-user environments. and then, there are certain directories
in which i want to be able to collaborate with several other people, and i
have to manually make sure files get proper permissions. and in _those_
directories, _i_ (the paranoid 077 umasker) WANT files to be accessible to
the group _by default_. and since there's no 'umask-per-directory' yet,
then i'm stuck. and too many times i had problems because of these issues.
and there aer other directories in which i want the group to have 'read'
access, but not 'write' access (e.g. ~/public_html - want the web server's
user to be able to read the file but not write into it).
--
guy
"For world domination - press 1,
or dial 0, and please hold, for the creator." -- nob o. dy
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il