On 12-10-17 03:52 PM, John Moser wrote: > > Let's first assume we have three users: > > jkirk > ksingh > wriker > > Now, let's say any of these wants to give any of the others access to > his files in general (i.e. his $HOME). Let's for our example say > jkirk wants wriker to have access. > > First, he must find the sysadmin. The sysadmin must then put wriker > in group jkirk. Also, ~jkirk must be group-readable, as must any > files.
In a default Ubuntu installation, jkirk's files are already accessible to other users. > > To do this without a sysadmin, the user must be sysadmin. Either none > or one of these users can do it all; or all of them can and then we're > not dealing with any kind of document security. > > With POSIX ACL instead AND AN INTERFACE FOR IT, jkirk simply > right-clicks on his Home directory in Nautilus (Konqueror Thunar etc), > hits Permissions, Add, puts in 'wriker' with 'read, access files > inside directory'. Since his files are all read-write by group > (umask=002) instead of just readable (umask=022), this makes all his > files writable by wriker, of course. That's not the point here, > HOWEVER it is a concern. > > Notice this is simple, and the user can do it themselves. > A user can't change permissions on his $HOME by himself. Only a sysadmin can. > > > Someone raised shared directories and SGID. When we get to SGID we've > stepped slightly outside simple, but I'll allow it. > > Let's say now jkirk wants to share specific files with wriker, and > specific other files with ksingh. Let's tackle ksingh first. > > jkirk could put a directory in a shared location, with SGID, > accessible by jkirk, and have the sysadmin give ksingh the jkirk > group. This would, of course, also allow ksingh into anything else > accessible by jkirk's group--so if his home directory is open, or if > he has a file shared with wriker by putting wriker in the jkirk group, > those files are also accessible by ksingh as a matter of course. > > Repeat: those OTHER files are also accessible by ksingh as a matter of > course. > > Instead, ksingh could have jkirk put in the ksingh group; this creates > the same problem for ksingh. > > Next of course jkirk tries to create a shared directory to share some > files with wriker, but of course that makes things complex. Maybe > wriker does it, but then he shares with ksingh, which means wriker has > the same problem of jkirk getting files he wants to only share with > ksingh, or jkirk must accept the problem of sharing files with ksingh > when he only wants those files to go to wriker (and with wriker when > he wants those files only to go to ksingh). > > Then, everybody gives up and just uses e-mail to send files back and forth. > > Instead, jkirk creates a directory to share with ksingh. The > directory is mode 700, owned by jkirk, and in the group 'users', and > with the SGID bit set (so not mode 700, more mode 02700? I forget > what's SUID, SGID, and sticky, ok?). He right clicks on it, hits > Properties, Permissions, adds ksingh with rwx (remember X on > directories is "access files inside"). When jkirk or ksingh creates > files inside, they are read/write by group and automatically in the > group 'users', so jkirk and ksingh can access all files in the > directory. This only works if the user default umask is 002, which wouldn't be the case if you're not using User Private Groups. Marc. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss