On Fri, 31 Mar 2000, I. Forbes wrote:
> adm:4:
can read /var/log files
> tty:x:5:
> disk:x:6:
> cdrom:x:24:
> floppy:x:25:
> tape:x:26:
use certain /dev devices
> staff:x:50:
miscellaneous files and directories like: /home/f/ and /usr/local/
> games:x:60:
I don't play games, but maybe for writing scores?
> nogroup:x:65534:
Nothing should be owned by nogroup. You may run something as nogroup. But
it should not have write access to anything. For some reason
/var/run/identd/ is nogroup on my system. I don't know why and I think
this may be wrong.
> Which files and directories allow access from these groups in a
> Debian installation?
I used "find / -group GROUP" to find the above.
> Would it make sense to add certain users to say "cdrom", "adm" or
> "staff" ? What rights would such a user be expected to gain from
> this?
Add some users to group adm so they can read log files for example.
Jeremy C. Reed
....................................................
BSD software, documentation, resources, news...
http://bsd.reedmedia.net
