[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: setgid umask override versus global umask change

On Sun, 2010-05-30 at 09:44 -0700, Mike Bird wrote:
> What, I wonder, would be the consequences of setgid directories
> overring umask, rather than a system wide umask change?
> We could leave umask set to 0022 but when creating files and
> directories in setgid directories the 0020 bit of the umask
> would itself be masked out.
> This would seem to localize the change to where it is needed,
> thus reducing the possibility for accidental security holes.
> Setgid already does much wierdness.  Adding this small extra
> wierdness would not be inelegant.

It would be a gross deviation from the well-understood behaviour of Unix

> This would seem to be a trival kernel patch, whether implemented
> alone or together with a /sys control to enable/disable it.

You would have to convince Linux upstream developers of that, as the
Debian kernel team does not make such changes without upstream
acceptance.  I suggest you don't waste your time trying to do that.

> Can anyone see any downside?

Aside from a surprising change that will lead to security holes, no,
none at all.


Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: