Samba, netatalk, proftpd combined file sharing... permissions and groups
 

Hi everyone

I'm setting up a new NAS box and I'd like to share volumes out using 3 different protocols:
SMB, Samba
AFPD, Netatalk (AFPD over tcp/ip, not Appletalk)
FTP, ProFTPD
Possibly a 4th at some point as well... HTTP using WebDAV

I'd like all volumes to be fully accessible by users, so can delete files created through other protocols, rename, make directories, everything.

I've already got some test shares up and running with my configurations almost there... but what's a good starting point to getting the permissions correct?
664 seems like a sensible starting point to me.
There's no reason why any of the files in the shares need to be executable. Any files that I want to execute (backup scripts etc) will not be living in these shares.
Is there any reason why I would want world/other to have write or even execute permissions?
Could I even just drop that down to 660?

I've created a "filesharing" group and added root to it. Should I also create system users for each service then add those users to the group?

The problem is, each of the above services have different levels of granularity when it comes to specifying the permissions of created files.
Samba's got probably the most control, then ProFTPD, then finally Netatalk.

Anyone been down this road before?
Any other comments/suggestions?

Cheers, B