Path: utzoo!mnetor!uunet!munnari!kre
From: kre@munnari.oz (Robert Elz)
Newsgroups: comp.unix.wizards
Subject: Re: How can a group id, be droped?
Message-ID: <2035@munnari.oz>
Date: 13 Mar 88 13:27:36 GMT
References: <104@cui.UUCP> <5365@columbia.edu>
Organization: Comp Sci, Melbourne Uni, Australia
Lines: 13

In article <5365@columbia.edu>, ji@read.columbia.edu (John Ioannidis) writes:
> Anyway, just removing a group should not ask for
> any special authorization,

This is a mistake, useful things can be done with bsd groups provided
that users can't manipulate them (apart from running a setgid program).

Eg: we have a group "solitary" which we occasionally put troublemakers
into.  A whole bunch of directories are 705 mode, owned by group solitary.

This is remarkably effective.

kre