9fans archive / 1997 / 10 / 62 /    prev next

From: G. David Butler gdb@dbS...
Subject: [9fans] group organization
Date: Thu, 23 Oct 1997 18:45:19 -0500

From: Kenji Arisawa <arisawa@veg...>
>
>Hello 9fans!
[snip]
>
>Plan9 forbids:
>    chgrp group file ...
>to the group the user does not belong to.
>I cannot understand this restriction.
>What problem does it make if plan9 admits:
>    chgrp anygroup file ...

It is similar to "chown anyuser file ..."  If you don't have
a problem with that one, then you won't have one with yours.

I think the goal is that the ownership (or "groupship") of
files needs to be "trusted".

>Here is an example that shows this effect.
>Let /adm/users be
>    alice:alice
>    bob:bob:
>    david:david:
>and david be a professional programmer who is advising both alice and bob.
>Assume alice doesn't want to be read her file to bob and
>bob also doesn't want to be read his file to alice.
>
>Then if alice and bob could execute respectively,
>    alice% chgrp david herfile; chmod 640 herfile
>    bob% chgrp david hisfile; chmod 640 hisfile
>everything would go well!

How about let /adm/users be
	alice:alice:david
	bob:bob:david
	david:david:

Then alice and bob only have to chmod g+r theirfile