[SunHELP] logic

Nicholas Dronen sunhelp at sunhelp.org
Wed Jan 31 06:38:12 CST 2001


Alan:

You'd want the umask to reflect the fact that you want all the
files and directories the user creates to be readable or executable,
respectively, by the group.  So, I guess the answer is yes. :)

Regards,

Nick Dronen

On Tue, Jan 30, 2001 at 09:48:43PM -0500, Alan Rubin wrote:
> Will a umask command need to b e put in some resource file (which one?) to
> make sure that adequete permissions are given to the special group by
> default?
> 
> alan
> 
> On Tue, 30 Jan 2001, Nicholas Dronen wrote:
> 
> > On Tue, Jan 30, 2001 at 08:21:05PM -0500, Alan Rubin wrote:
> > > I have a group of users with user A being the supervisor.  I need to
> > > create user accounts on a server, but A needs to have access to all of his
> > > subordinates files, while allowing each user to otherwise be private.
> > > What is a good scheme to accomplish this?  User A can not be root.  I'm
> > > sure this is fairly simple, but I haven't worked out my plan yet and was
> > > just hoping to hear a few suggestions.
> > 
> > Put the supervisor in some group (e.g., pinheads), chgrp
> > all of the users' home directories to that group, and set the
> > mode of the directories to 2750.  This is necessarily an imperfect
> > solution: while it does allow the supervisor to access all of
> > those home directories (and all of the subdirectories therein),
> > a saavy user can remove the sgid bit from their home directory,
> > which means the new files and subdirectories won't be 'owned'
> > by group pinheads.
> > 
> > Of course, you can always craft a solution with sudo as well.
> > 
> > Regards,
> > 
> > Nick Dronen
> > _______________________________________________
> > SunHELP maillist  -  SunHELP at sunhelp.org
> > http://www.sunhelp.org/mailman/listinfo/sunhelp
> > 
> > 
> 
> _________________
> *Alan Rubin*
> Sun/Unix/Networking/Web Writing
> Email:rubin at ezy.net 
> 
> 
> _______________________________________________
> SunHELP maillist  -  SunHELP at sunhelp.org
> http://www.sunhelp.org/mailman/listinfo/sunhelp



More information about the SunHELP mailing list