Hi, Hans wrote: > I am wondering, why on a multiuser system like debian the rights for a > normal user are "rw- r-- r--", (owner: user and ownergroup: usergroup)
Because the usual umask of 0022 keeps the more credulous programs from giving w-permission to everybody. Any program is free to hand out restricted permission. umask just defines what such a program shall not get done immediately when the file is created. Afterwards a program can still widen permissions. > First two are clear: rw for myself, and readable for all users, i am > allowing into my own grou. It's not necessarily your group, but rather the group to which the file belongs. This is typically the group of the process of the program which creates the file. (Unless it has superuser powers and can change the group id.) Shell command "id" can tell your current shells user id and group id which in most cases are inherited by programs which you start. $ id id=number(name) gid=number(name) groups=number(name),... But there are the programs which are allowed to run under a self chosen user and group id. (See man 1 chmod permission "s" and man 2 setgid.) Have a nice day :) Thomas
