[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: UPG and the default umask

On Mon, 17 May 2010, Timo Juhani Lindfors wrote:

> Santiago Vila <sanvila@unex.es> writes:
> > Ok, what about PAM?
> "UsePAM no" is the default in openssh. I do not know if this is just
> to reduce the attack surface.

Grr. We are supposed to be system integrators, but how can we do that
if some parts of the system do not trust the other parts of the system?
That results in useless duplication of work.

Do I really have to put complex code in /etc/profile to use the old
umask when 1 <= uid <= 100?

Instead, we could consider as a bug that a "system user" wants to
login to the system at all.

Reply to: