home *** CD-ROM | disk | FTP | other *** search
- From: knarf@nasim.cube.net (Frank Bartels)
- Subject: Re: supplementary groups question...
- Date: Thu, 23 Jun 1994 20:09:50 +0200 (MET DST)
- In-Reply-To: <9406231421.AA13595@amsel.techfak.uni-bielefeld.de> from "itschere@TechFak.Uni-Bielefeld.DE" at Jun 23, 94 04:21:08 pm
- Mime-Version: 1.0
-
- itschere@TechFak.Uni-Bielefeld.DE wrote:
- >
- > Bart Schuller wrote:
- >
- > > Yes: please don't change this behaviour, it's supposed to work this way.
- > > It even has some advantages: you now have a very simple way to restrict
- > > access to some files for a specific group; make the permissions rwx---r-x
- > > and everyone in the same group as the file wil be denied access to it.
- >
- > Sh*t, looks like SUN-OS also behaves that way... :-(
-
- Yes, it does. ;)
-
- > Which kind of devil has ridden them to define *that* as official behaviour?
-
- That was the behaviour I expected as read in a book about UNIX security.
- The permissions are tested from left to right, if the user matches the
- uid or gid, those permissions are used.
-
- [SunOS 4.1.1]
- /home/knarf> id
- uid=100(knarf) gid=30(admin) groups=30(admin),0(wheel),8(uucp),100(user),\
- 101(xlib),102(connbeta),103(gmnibeta)
- /home/knarf> ll testfile
- -rw----rw- 1 tom xlib 0 Jun 23 20:00 testfile*
- /home/knarf> more testfile
- testfile: Permission denied
-
- /home/knarf> ll testfile
- ----rw-rw- 1 knarf xlib 0 Jun 23 20:00 testfile*
- /home/knarf> more testfile
- testfile: Permission denied
-
- > Now is it correct that this behaviour must be applied to any of the supp.
- > gids, and thus maybe deny access if any of them matches, but has different
- > permissions?
-
- Seems to be correct.
-
- Bye,
- Knarf
- --
- Frank Bartels | UUCP: + 49 89 5469593 | MiNT is
- knarf@nasim.cube.net | Login: nuucp Index: /pub/ls-lR.nasim.gz | Now TOS!
-
