[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: UPG and the default umask

On Wed, May 19, 2010 at 09:48:41PM +0000, Christoph Anton Mitterer wrote:
> On Wed, 19 May 2010 15:22:04 -0600, Aaron Toponce
> <aaron.toponce@gmail.com>
> wrote:
> > You've only mentioned that SSH won't operate if the write bit is set on
> > the keys or anything under the ~/.ssh/ directory. Can you explain how an
> > ssh client failing to connect to an external ssh server because of the
> > umask is compromising security on the system?
> Simply read the mails and those from the other critics again, it's not
> only annoying for myself to repeat things over and over again but also for
> everybody else to read it again.
> Nevertheless just saying "everything's fine" or "you only complained about
> ssh" won't really solve the issues, but just help to wave these changes
> through.

The problem is that most of your mails started with "OMG Debian will
compromise security, you all suck" or a paraphrasing thereof, so most
people didn't bother to read your mails in full and never actually read
a reasonable argument why the default umask should not be changed for
UPG setups.


Reply to: