[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: UPG and the default umask

found 248140 5.3

Dear Santiago,

You probably have seen the discussion about user private groups on debian-devel
this week: [🔎] 4BE830C8.5050009@gmail.com">http://lists.debian.org/msgid-search/[🔎] 4BE830C8.5050009@gmail.com

The core argument is that since user private groups are not meant to be shared,
and that therefore an umask of 002 is not creating security risk. On the other
hand, an umask of 022 is preventing from harvesting the benefits of user
private groups. See in particular the summarry from Russ Allbery:
[🔎] 87fx1ykjrt.fsf@windlord.stanford.edu">http://lists.debian.org/[🔎] 87fx1ykjrt.fsf@windlord.stanford.edu

I read this bug report (http://bugs.debian.org/248140) and indeed, if users
have been used that Debian has an umask of 022, perhaps the change could be
surprising. However, it would not affect existing systems. I can propose a
patch to the release notes if pepole think it would be useful.

If no stronger objections against a change from 022 to 002 is raised, would you
agree changing base-files so that /etc/profile uses 002 on new systems?

Have a nice day,

Charles Plessy
Tsurumi, Kanagawa, Japan

Reply to: