I recently went through this, and got this: http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/ref-guide/s1-users-groups-private-groups.html
Basically, this is what the redhat convention "user private groups" is all about: * Every user's primary group is a private group for just themselves. * Umask globally set to 002 or 007 * Project areas are chmod g+w and chmod g+s * This way, users' home directories are only writable by themselves, and the project areas are writable by the group. > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Michael Tiernan > Sent: Tuesday, April 15, 2008 9:22 AM > To: Back Bay LISA > Subject: [BBLISA] Reference request..... > > I stuck my foot in it recently. I opened my mouth about using the idea > of a private group for each user (i.e. mtiernan:mtiernan) and then > adding these users to groups that they need to be added to. > > I know that it's a "safer than not" approach but I can't find any > documentation (other than simple docs from Red Hat that this is the > way they do it) that discusses the pros and cons of this. > > While I'm not encouraging or discouraging an intelligent exchange over > the principles involved, I'm really just looking for an existing > reference of someone who reviewed this approach to user/group security > policies. > > Does anyone know of any such references? > > Thank you in advance for anyone's time. > (Let the banter begin!) > -- > << MCT >> Michael C Tiernan. > Is God a performance artist? > EGO hack vivo quod ago accido. > http://www.linkedin.com/in/mtiernan > > _______________________________________________ > bblisa mailing list > [email protected] > http://www.bblisa.org/mailman/listinfo/bblisa _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
