Re: UPG and the default umask
On Mon, 17 May 2010, Bernhard R. Link wrote:
> * Peter Palfrader <weasel@debian.org> [100517 16:41]:
> > The main problem with a default 002 umask, IMHO, is that as soon as you
> > copy your files from a host with 002 and usergroups to one without, or
> > untar a tarball created on a 002 host with usergroups on a system where
> > you don't have a usergroup, Bad Things can happen, depending on the
> > exact method you use to copy things.
>
> Every usual copy method should not have that problem (after all, umask
> is about bits not to set with any new files explicitly created).
>
> Only way to get something like that is cp -a or tar -xp.
Not exactly true. Untarring as root preserves these things by default.
Also, using rsync with -avz is pretty standard.
Anyway, my point remains: Procedures that were perfectly fine and
secure up until now would suddenly be broken and dangerous.
--
| .''`. ** Debian GNU/Linux **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/
Reply to: