Re: UPG and the default umask
]] Christoph Anton Mitterer
| On Mon, 2010-05-17 at 11:50 -0600, Aaron Toponce wrote:
| > How does this compromise security when you're the only member of your
| > private group?
| And if you are not?
Then you have a misconfigured system where security might be
compromised. If it's intentional, you should also change the system
umask, be it using pam_umask, /etc/profile or whatever mechanism you
wish.
| Why should you? Well someone simply might not want to use UPG? Or might
| use the users or staff group?
|
| Or do "we" now basically force everybody to use UPG?
See above, you then have to configure the system to not use UPGs.
| > seeing as though Debian is a UPG-based operating system.
| Is it? Again,... speechless...
Yes, out of the box, each user has their private group and the umask is
0002, making it a UPG-based system. That does not mean you can't
configure it otherwise of course.
--
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are
Reply to: