
tlug: Why group-per-user? [was: ""]



>>>>> "juhp" == Jens-Ulrik Petersen <jens-ulrik.petersen@example.com> writes:

    juhp> Viktor Pavlenko <pavlenko@example.com> writes:

    >> I wonder why a user, let's say, HERNAME on Linux belongs to the
    >> group HERNAME by default. 

    juhp> I think it depends on the distribution you're using.

Yes.

    juhp> I am not sure about Debian, as far as I remember at the end
    juhp> of last year there was a default group for all new users
    juhp> added.

No, Debian has used the group-per-user scheme as long as I've used
Debian (2-1/2 years, now, I think).

    >> What's the philosophy behind it? 

Security, of course.

The classic system with an individual user, a group of all local
users, and the universe at large implies that all local users trust
each other.  One of the funniest things I ever saw was when a real
jerk of a colleague wrote a memo to the dept chair complaining in
really nasty and unfair terms about the senior admin assistant.  He
named it by her name (let's say "Sophia"), and left it in his
wordprocessing directory.  Well, the wp directories were "group
staff"!  The secretary who was inputting his latest ms noticed the
file named "Sophia", peeked, told Sophia (who was group staff, of
course), and all hell broke loose.

If your box is on the Internet and you have users that aren't you and
you aren't married to, chances are good that some passwords are loose
in the world.  Unless you use cracklib and similar measures to check
security of passwords, you probably have some weak ones lying about (1
in 4, according to some studies---3 users means a cracker has better
than even odds of getting in by simple guessing, not even using a
dictionary or anything like that).  The "one big happy family"
approach means that from the point of view of a cracker there's little
difference between permissions 0777 and 0770.

Having been broken into twice (once having an account hacked, the
other time my box got on a list of open spam relays), I strongly favor 
the conservative approach to such issues.  Shut everything off, then
open up what you need.

An out of the box Red Hat installation is a delicious sight for script 
kiddies.  Battening down the hatches on a default install of a Red Hat
system is tedious and error prone.  Ask Steve Baur his opinion at the
November meeting ;-)  (Unfortunately, I don't think recent Debian
systems are much better.)

    >> What's the purpose of the existence of such a group if only one
    >> user belongs to it?

First, if you want to add users, you just ask your admin to do it.  On 
GNU/Linux, of course that's usually you.  One could create an sgid
script to do it, too, I think.  This is a typical way to manage web
sites.  The person(s) who upgrade the software and decide global
policy have access to the webmaster account; people who are trusted
enough to help edit ordinary users' data but not with the system
itself do not get the password to the webmaster account, but are
included in the webmaster (or www-data) group.

Second, you can password the group (passwd -g $GROUP); in that case,
all you need to do is give the password to people you want to include
in the group and they can use newgrp(1) or sg(1).  A bit clumsy, but
how often do you su?  I do it all the time.  A passworded group is
less risky than passing out the root password....


-- 
University of Tsukuba                Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Institute of Policy and Planning Sciences       Tel/fax: +81 (298) 53-5091
__________________________________________________________________________
__________________________________________________________________________
What are those two straight lines for?  "Free software rules."
-------------------------------------------------------------------
Next Technical Meeting: October 9 (Sat), 13:30   place: Temple Univ.
* Linux Internationalisation Initiative (Li18nux) speaker: Akio Kido
* Japanese TrueType Fonts                     speaker: Adrian Havill
Next Technical Meeting: November 13 (Sat), 13:30 place: Temple Univ.
* Network Security                               speaker: Steve Baur
Next Nomikai:  December 17 (Fri), 19:00 Tengu TokyoEkiMae 03-3275-3691
-------------------------------------------------------------------
more info: http://www.tlug.gr.jp        Sponsor: Global Online Japan
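The post argues that a user-private group makes group permissions (0770, umask 002) safe, and that collaboration should go through a dedicated project group instead. The script below is an added example written for this archive page, not code from the original post or from the TLUG thread. It checks a passwd(5)/group(5) pair for accounts whose primary group is not truly private (shared gid, or extra members listed in the group entry), and sets up a project directory with the setgid bit so files created inside inherit the group. The account names and both sample files are constructed for an offline run; point `audit_upg` at the real `/etc/passwd` and `/etc/group` to audit a live box.

```shell
#!/bin/sh
# Constructed sample passwd(5) and group(5) files (hypothetical accounts,
# not real system files) so the audit can be run offline.
mk_samples() {
  dir=$(mktemp -d)
  cat >"$dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/sh
bob:x:1001:1001:Bob:/home/bob:/bin/sh
carol:x:1002:100:Carol:/home/carol:/bin/sh
dave:x:1003:100:Dave:/home/dave:/bin/sh
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
EOF
  cat >"$dir/group" <<'EOF'
root:x:0:
users:x:100:
alice:x:1000:
bob:x:1001:alice
www-data:x:33:alice,bob
EOF
  printf '%s\n' "$dir"
}

# audit_upg PASSWD GROUP
# Prints one line per human account (uid >= 1000): "<user> private" when the
# primary group is a genuine user-private group, otherwise "<user> shared (why)".
# A "shared" verdict means some other local account can read anything the
# user leaves group-readable, i.e. 0770 is not much better than 0777 for them.
audit_upg() {
  awk -F: '
    FNR == NR {                       # first file: group records
      gname[$3] = $1; members[$3] = $4; next
    }
    $3 >= 1000 {                      # second file: passwd records, humans only
      user[NR] = $1; gid[NR] = $4; primary[$4]++
    }
    END {
      for (i in user) {
        u = user[i]; g = gid[i]; why = ""
        if (!(g in gname))               why = "gid " g " not in group file"
        else if (gname[g] != u)          why = "primary group is " gname[g]
        else if (primary[g] > 1)         why = "gid shared with another user"
        else if (members[g] != "" && members[g] != u)
                                         why = "extra members: " members[g]
        if (why == "") print u, "private"
        else           print u, "shared (" why ")"
      }
    }' "$2" "$1" | sort
}

# make_project_dir DIR
# Creates a collaboration directory with mode 2770: group rwx, setgid, no
# access for others. With the setgid bit, files created inside inherit the
# directory's group, so contributors with umask 002 can edit each other's
# work without anyone needing the project account's password. In real use
# you would also run `chgrp PROJECT DIR` (requires membership in PROJECT).
# Prints the resulting permission string for verification.
make_project_dir() {
  mkdir -p "$1" && chmod 2770 "$1" && ls -ld "$1" | cut -c1-10
}

# Usage: run the audit on the constructed samples (or on the real files:
# audit_upg /etc/passwd /etc/group), then create a project directory.
samples=$(mk_samples)
audit_upg "$samples/passwd" "$samples/group"
make_project_dir "$samples/project"
```

In the sample data only `alice` passes: `bob` has `alice` listed as a supplementary member of his private group, and `carol` and `dave` share the classic `users` group, which is exactly the "one big happy family" layout the post warns about.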

