On Sun, 2010-02-14 at 22:11 +0000, Ted.Harding@manchester.ac.uk wrote:
Hi Folks, I recently noticed something which struck me as strange.
In the past, on my older Linux distributions, an "ordinary" user gets set up as user=<username> and group="users". Thus, for instance, on those systems an 'ls -l' gives the likes of
-rw-r--r-- 1 ted users 16 Apr 2 2008 - drwxr-xr-x 3 ted users 20480 Jun 3 2008 00_junk drwxr-xr-x 2 ted users 4096 May 10 2005 00_misc drwxr-xr-x 2 ted users 4096 Jan 31 2008 00_realplay
However, on recent Debian (since Etch), I see that it is user=<username> and group=<username>. Thus now 'ls -l' gives
-rw------- 1 ted ted 4643403 2009-06-02 18:56 03-Iii_Sarabanda.mp3 -rw------- 1 ted ted 3476861 2008-04-27 21:38 2nd_week_004.jpg -rw------- 1 ted ted 2879890 2008-04-27 21:38 2nd_week_006.jpg
As far as I know the reason for this is that the umask is often set rather open so files are often readable and sometimes even writable to other people in the same group. Making each user a member of a unique per-use group closes down this potential insecurity.
There is some more information in the manual entry to adduser and there is a setting USERGROUPS in the /etc/adduser.conf file which controls this.
Steve.