Re: UPG and the default umask

To: <debian-devel@lists.debian.org>
Subject: Re: UPG and the default umask
From: Christoph Anton Mitterer <calestyo@scientia.net>
Date: Wed, 19 May 2010 21:11:54 +0000
Message-id: <[🔎] 39a6ceb8f92bb5718dc558d118c572bf@imap.dd24.net>
In-reply-to: <[🔎] ht1j0f$m8o$1@dough.gmane.org>
References: <[🔎] 4BE830C8.5050009@gmail.com> <[🔎] 20100510162317.GI2652@radis.liafa.jussieu.fr> <[🔎] 87fx1ykjrt.fsf@windlord.stanford.edu> <[🔎] hsn1gf$cst$1@dough.gmane.org> <[🔎] 4BEFFA02.8000202@gmail.com> <[🔎] 87pr0vg07c.fsf@windlord.stanford.edu> <[🔎] alpine.DEB.1.10.1005170103200.6247@kolmogorov.unex.es> <[🔎] 84d3wvj7e5.fsf@sauna.l.org> <[🔎] alpine.DEB.1.10.1005171419450.12903@kolmogorov.unex.es> <[🔎] 844oi6k7x6.fsf@sauna.l.org> <[🔎] alpine.DEB.1.10.1005191903510.17907@cantor.unex.es> <[🔎] ht1j0f$m8o$1@dough.gmane.org>

On Wed, 19 May 2010 22:51:25 +0200, Willi Mann <foss-ml@wm1.at> wrote:
> The gain would be a guard against accidental 002 umasks in non-UPG 
> environments, which I'm quite sure will happen. Either because admins do
> not 
> read the release notes or because they forget to do the change on one of

> their newly-installed machines despite reading the release notes. 
I also think, that the current check is far to less...


Nevertheless may I suggest to stop any further active changes in that
issue (UPG/umask) until this discussion here is over and final decision has
been made.
Or is that already, the case? At least I've had the impression that
neither mine, nor the arguments of some other people (Harald, Peter, etc.)
were even answered here.


> On the other hand, other distributions already use default 002 umask 
> unconditionally and I'm not aware of any complaints. So admins in
non-UPG 
> environments using these distros seem to be able to cope with it. 
The reason could be that people simply don't recognise, that they might
have compromised their own security... and those who know what happens
don't complain.


> However, there might be stronger expectations about Debian's default 
> security-related settings,
Well... I guess you can forget about that.


> which might explain the harsh wordings chosen
> by 
> some opponents of this change.
Funny that you notice it.... I was (off list) mailed by some people and
harshly insulted with words I better don't repeat here,... and not even for
technical reasons, as stated, but just because I don't bow to what is
considered the majority.


And from all of us here: I wish you happy painting,
Chris.

Reply to:

Follow-Ups:
- Re: UPG and the default umask
  - From: Christoph Anton Mitterer <calestyo@scientia.net>
- Re: UPG and the default umask
  - From: Aaron Toponce <aaron.toponce@gmail.com>
- Re: UPG and the default umask
  - From: Stefano Zacchiroli <zack@debian.org>

References:
- UPG and the default umask
  - From: Aaron Toponce <aaron.toponce@gmail.com>
- Re: UPG and the default umask
  - From: Julien Cristau <jcristau@debian.org>
- Re: UPG and the default umask
  - From: Russ Allbery <rra@debian.org>
- Re: UPG and the default umask
  - From: Willi Mann <foss-ml@wm1.at>
- Re: UPG and the default umask
  - From: Aaron Toponce <aaron.toponce@gmail.com>
- Re: UPG and the default umask
  - From: Russ Allbery <rra@debian.org>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Willi Mann <foss-ml@wm1.at>

Prev by Date: Re: UPG and the default umask
Next by Date: Bug#582308: ITP: mango-lassi -- Share mouse and pointer with other computers
Previous by thread: Re: UPG and the default umask
Next by thread: Re: UPG and the default umask
Index(es):
- Date
- Thread