[OpenAFS-devel] Re: [OpenAFS] 2.6 kernel support anytime soon? Workarounds?
Kris Van Hees
aedil-afs@alchar.org
Wed, 12 May 2004 11:17:07 -0400
On Wed, May 12, 2004 at 01:50:42PM +0300, Atro Tossavainen wrote:
> On Tue, May 11, 2004 at 14:13:23 -0400, GAWollman wrote:
> > This could bite us very hard. Our users are set up with primary gid
> > == uid, and the shared UID space runs from 5000 to 32000.
>
> Ded Rat does this, too. Would somebody bother explaining to me what
> the supposed benefit of this is? Judging from my viewpoint as a
> systems administrator in another multi-OS, multi-architecture, multi-
> department, multi-everything AFS shop, I can't see where it is coming
> from and whether it does any good.
The only reasoning I ever saw for this practise (can't remember where, it was
quite a while back) was to offer basic "security" to people who were careless
with modebits. The idea was that since the default umask is commonly set to
022, creating users with gid == uid would at least ensure that people would
still not be able to read eachothers' files by default.
Sick.
Kris