[clue-admin] User setup for "member" accounts
grant johnson
amadensor at gmail.com
Tue Jan 4 12:33:05 MST 2005
> We can mitigate this quite a bit using umask and making sure file
> permissions are the most restrictive they can be.
>
> If we make the members' default umasks 0077, then there's no group access
> by default for files created. Only problem is, I don't see how (yet) to do
> that with sftp, since it seems to be something that's associated with
> shells. (But that can't be entirely true.)
>
You may also be able to do this with sticky bits. We have out CVS
repository to carry forward group permissions, and it uses sticky bits
to do that. The file owner can change it, but they have to do it
explicitly.
More information about the clue-admin
mailing list