
Re: UPG and the default umask



Hi,

On Mon, 10 May 2010 at 20:35, Aaron Toponce wrote:
> > See the case the user wants another person in his own group to share
> > files. Then he might set the files readable for his group only but not
> > for world. So the other user can read this data. But he cannot write it
> > as it might be intended.
> > 
> > Setting the umask to 002 lets the other user _edit_ all files the user
> > did create in the past with that umask, factually giving away most of his
> > files.
> 
> The point of UPG is to not put users you don't trust in your private
> group. That's why it's called "private". :)

You can never trust anybody enough to give him rights to _all_ of your
files. So this assumption is never true and a user will not have any
benefit from this group if the umask is 002!

> If you don't trust users in your UPG, then the administrator should
> setup a different group, and put the necessary users in that group.

Give me one case where this is true. If there is a group for sharing
purposes the users will use it -- and will lower their security down to
nothing. Setting a default umask of 002 is highly negligent!

> I'm all for increasing security, but it always comes at a cost.

That's true. But setting the umask to 002 will lower them for no benefit.

> In this case, the convenience of setting up group collaboration
> directories becomes a pain to administer, as the group write bit is
> never set, and cron jobs, profile-specific umask values, or FACLs are
> used instead, adding to the complexity of the system.

Well, in all cases I know about where collaboration was set up, the
person who did it knew exactly what he was doing. And that is the way it
should be. Don't let users do something if they do not know what
consequences it will have -- specialize in security!

The crazy idea of setting the umask to 002 by default will end in many,
many systems where the users have as low as nothing security for their
important files only to serve some few use cases where the persons
normally know how to get rid of anyway.

Regards
   Klaus
-- 
Klaus Ethgen                            http://www.ethgen.de/
pub  2048R/D1A4EDE5 2000-02-26 Klaus Ethgen <Klaus@Ethgen.de>
Fingerprint: D7 67 71 C4 99 A6 D4 FE  EA 40 30 57 3C 88 26 2B
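The effect argued about in this message, as an added example that is not part of the original mail: which mode a new file gets under each umask, an audit for files the owning group can modify, and a way to drop that bit again. The function names are hypothetical, and GNU `stat` (Linux) is assumed.

```shell
#!/bin/sh
# Added example; function names are hypothetical, GNU stat is assumed.

# Print the octal mode a newly created file gets under the given umask.
# Runs in a subshell so the caller's own umask is left untouched.
mode_under_umask() {
    (
        umask "$1"
        d=$(mktemp -d) || exit 1
        : > "$d/new"            # plain creation: 0666 masked by the umask
        stat -c '%a' "$d/new"
        rm -rf "$d"
    )
}

# List regular files below a directory that carry the group-write bit,
# i.e. files every member of the owning group can modify.
list_group_writable() {
    find "$1" -type f -perm -020 -print
}

# Mitigation: remove group write from those files, leaving other bits alone.
strip_group_write() {
    find "$1" -type f -perm -020 -exec chmod g-w {} +
}

# Constructed sample tree: one file per umask, then audit it.
demo() {
    tree=$(mktemp -d) || return 1
    for u in 022 002 027; do
        ( umask "$u"; : > "$tree/created-with-$u" )
    done
    list_group_writable "$tree" | sed 's|.*/||'
    rm -rf "$tree"
}

for u in 022 002 027 077; do
    printf 'umask %s -> new file mode %s\n' "$u" "$(mode_under_umask "$u")"
done
printf 'group-writable in sample tree: %s\n' "$(demo)"
```

Pointing `list_group_writable` at a home directory shows how many existing files would become editable by anyone later added to the owner's group.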

