Adam may have gotten the default group ID wrong, but he is correct in stating that this is a Linuxism (and a relatively recent one, at that).
I didn't really get the security advantage of this practice at first, and it's still a bit questionable, but over the years, I've seen so many users who just didn't understand file permissions, let alone the use of group ownership and permissions, and would inadvertently give away more access than they wanted to or should. I've also seen many users who should have known better, but were probably just too lazy to get it right.
The reason I say "questionable" above, is I've also seen people get the world permissions wrong as well, so the idea of a default private group is a partial solution at best. (Education is probably a better solution, in the long run, but...)
But given the prevalence of Linux, and this now-default group practice, you know it's just a matter of time before some programmer assumes this as a universal truism, and does the wrong thing when someone's primary group is anything else! But until then, Trevor, you're probably safe to use a different primary group. ;)
Gilbert
On 2023-04-18 9:47 a.m., Kevin McGregor wrote:
Very minor note: I just created a new user (via useradd) on Solaris 11.4.53 and the default group is "staff" (uid=10).
On Tue, Apr 18, 2023 at 8:19 AM Adam Thompson <athompso@athompso.net mailto:athompso@athompso.net> wrote:
...
> That's a decent idea. However, I'm always a bit freaked out making a > user's primary group something other than their eponymous group. Not > sure if that's justified or not, but it gives me the heebie-jeebies > like I'm breaking some cardinal rule and K&R will come to my house and > beat me up. It's not justified. Each user having their own primary group is a Linuxism, and a fairly recent development in UNIX history. On Solaris, when you create a new user, IIRC their default/primary group is still "usr". Because each user having their own group makes the average system much more secure (see "shoot self in foot", above), pretty much everyone has adopted it by now.