Willi Mann <[email protected]> writes: > Russ Allbery wrote: >> The purpose of UPG is not to use the user private group for any sort of >> access control. Rather, the point is to put each user in a group where >> they're the only member so that they can safely use a default umask of >> 002 without giving someone else write access to all their files.
> Is it possible to detect whether an account is configured properly based > on the UPG idea? If yes, wouldn't it then make sense to only set umask > 002 if a proper UPG account is detected, otherwise 022? This would avoid > putting non-UPG systems on danger. That's a good idea. I'm not sure if all UNIX group systems allow one to ask how many users are a member of a particular group, but if there's a way to ask that question at least in those group systems that support it, the implementation should be fairly straightforward. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
