[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: UPG and the default umask

On Mon, 17 May 2010, Bernhard R. Link wrote:

> * Peter Palfrader <weasel@debian.org> [100517 16:41]:
> > The main problem with a default 002 umask, IMHO, is that as soon as you
> > copy your files from a host with 002 and usergroups to one without, or
> > untar a tarball created on a 002 host with usergroups on a system where
> > you don't have a usergroup, Bad Things can happen, depending on the
> > exact method you use to copy things.
> 
> Every usual copy method should not have that problem (after all, umask
> is about bits not to set with any new files explicitly created).
> 
> Only way to get something like that is cp -a or tar -xp.

Not exactly true.  Untarring as root preserves these things by default.
Also, using rsync with -avz is pretty standard.

Anyway, my point remains:  Procedures that were perfectly fine and
secure up until now would suddenly be broken and dangerous.

-- 
                           |  .''`.  ** Debian GNU/Linux **
      Peter Palfrader      | : :' :      The  universal
 http://www.palfrader.org/ | `. `'      Operating System
                           |   `-    http://www.debian.org/
Reply to: