On Sun, Mar 24, 2002 at 08:09:53AM -0600, Ed Wilts wrote: > I personally like the 1 user per group functionality. Secure out of the box > is where I want to be. By default, no user has access to any other user's > data.
This isn't due to the "1 user per group" functionality, but due to the fact
that each users umask is set in such a way that members of the same group
have read-access to their files (umask 026 iirc). So if you want all the
users in one group (f.i. "lusers" - local users) and you make sure that all
the users umasks are set in such a way that only the owner has permissions
(umask 066), then the security is the same.
I personally dislike the "1 user per group" since it is a little bit more
timeconsuming in the beginning to administer accounts.
Wkr,
Sven Vermeulen
--
The memory management on the PowerPC can be used to frighten small
children. (Linus Torvalds.)
msg74795/pgp00000.pgp
Description: PGP signature
