[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: UPG and the default umask

On Sat, May 15, 2010 at 02:34:57PM -0700, Russ Allbery wrote:
> That's a good idea. I'm not sure if all UNIX group systems allow
> one to ask how many users are a member of a particular group, but
> if there's a way to ask that question at least in those group
> systems that support it, the implementation should be fairly
> straightforward.

This is racy, unfortunately (at least by itself). Consider a non-UPG
system which starts with one user... this check passes and files get
created with group write flagged. Later, subsequent users appear
sharing that same group and the default umask stops making new files
group-writeable, but the first user's original files are now able to
be modified by others (and then his account is immediately at risk
of being taken over by one of the new users without his knowledge).

Of course, coupled with other checks like uname==gname, parsing
login.defs, et cetera, it could add an extra layer of assurance.
{ IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657);
SMTP(fungi@yuggoth.org); IRC(fungi@irc.yuggoth.org#ccl); ICQ(114362511);
AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fungi@yuggoth.org);
MUD(fungi@katarsis.mudpy.org:6669); WWW(http://fungi.yuggoth.org/); }

Reply to: