Thread: UNIX related things... (tr, cut, awk, and permissions)
View Single Post
  #2  
Old December 18th, 2001, 07:17 PM
simX's Avatar
simX simX is offline
Unofficial Mac Genius
  
Join Date: Sep 2001
Location: Bay Area, CA
Posts: 2,183
Thanks: 0
Thanked 0 Times in 0 Posts
simX is on a distinguished road
MORE... the groups "admin", "staff", and "wheel"
Also, about the groups "staff", "admin", and "wheel". The "admin" group includes everybody who is set to be an admin in the Users pane of the System Preferences -- this includes the root user. "wheel" is similar, in that in includes all admins, but it does not include the root user. The "staff" group only includes root. This information can easily be obtained by the NetInfo Manager application. I would like to point out, however, that you can also sort of get this information via the "groups" command in the Terminal -- and it presents a discrepancy. If I put in the command groups simmy, the terminal claims I am part of all 3 groups "staff", "wheel", and "admin". Furthermore, it claims that a non-admin user, (I made one called "test2"), is also in the group "staff". However, I tend to agree with NetInfo Manager, because if you create a new user, his directories are all owned by the group "staff". However, in the Finder, even an ADMINISTRATOR cannot access the files. This shows that, in fact, only the root user is in the group "staff", as NetInfo Manager correctly reports. I have no idea why the "groups" command would report otherwise. Obviously, though, this is a flaw in Mac OS X, because an admin should be able to access another user's files via the Finder, as I had posted in a previous thread before, but no one really took notice. A simple solution would be to make all new folders created for new users to be owned by the group "admin" instead. This way the owner of the files can access her files, and any admin can, but everyone else cannot. Anyone else care to comment on this flaw -- I would like to know if anybody is experiencing the same problem -- log in as administrator, and create a new user that is not an administrator. Then, if you go to the "Users" folder inside your Mac OS X partition, and open up the home folder for the user you just created, you should be denied access from going into any of the "Movies", "Music", "Documents" and similar folders. I would REALLY like someone to confirm this.

That's enough UNIX for one day. I'll be happy to answer other questions about UNIX though. Also, I believe I am correct for most of this stuff, but if I am not, anybody is free to correct me (but I won't admit I'm wrong without proof! ).
__________________
-- simX

Get Memory Usage Getter, the only Mac OS X utility that graphically displays the memory usage of your open processes! http://homepage.mac.com/simx/

450 MHz G4 Cube | 15" flat-panel Apple Studio Display | 896 MB RAM | Que! Fire 12x10x32x FireWire CD-RW | OS X 10.1.5 Build 5S66 | Mac OS 9.2.2 | Telex M-560 Microphone | Epson Stylus Color 777 | TI-Graph Link USB | Pro Speakers/Mouse/Keyboard | Airport card | iPod

"Some people's minds are like cement: all mixed up and permanently set..." -- Andrew Welch, el Presidente, Ambrosia Software, Inc.

"You know that first hit of heroin is free." -- Scott McNealy, Sun Microsystem's CEO, on Microsoft's .NET .

"The day Microsoft makes a product that doesn't suck is the day they start making vacuum cleaners." -- Unknown
Reply With Quote