On Mon, Dec 24, 2012 at 03:27:57PM +0000, jb wrote: > Mikhail T. <mi+thun <at> aldan.algebra.com> writes: > > > > > On 23.12.2012 11:48, Chris Rees wrote: > > > They involve a lot of thought to get right, as well as chmod g-w on > > > something where you probably meant chmod go-w is a disastrous but > > > (perhaps) common error. Chris > > > > Well, in (over 20) years of dealing with Unix, I've never made a mistake > > like that, nor do I understand, how it can be considered "common" ... > > Got to admit, I was surprised to see it. It made me think, I do not > > understand something -- or that FreeBSD is becoming overly > > paternalistic. It turned out to be the latter... > > > > I doubt, it is useful. Worse, issuing such warnings routinely, only > > reinforces the unfortunate misconceptions like the one Barney > > demonstrated in this thread. When originally added, the check was meant > > to be off by default: > > ... > > perhaps, it should have remained off? Yours, > > Those security checks are for a reason - people make mistakes (even a perfect > guy like you will have a "head in a brown bag" time). > It is better to get a heads-up, then think about it and turn it off > (customize) > if considered unneeded.
This specific check is there and on by default because you CAN NOT rely on negative group permissions unless you never use more than 14 groups or never use NFS. The check is a compromise I implemented as part of the switch to allowing large number of groups per user (technically per-process). Users who wish to use them and know what they are doing can easily turn it off. IIRC the reason it was off by default to start with is that I wanted to MFC it but it's been a long time so I'm no longer certain. -- Brooks
pgpgTrzT6zRm2.pgp
Description: PGP signature
