Re: UPG and the default umask

To: debian-devel@lists.debian.org
Subject: Re: UPG and the default umask
From: Aaron Toponce <aaron.toponce@gmail.com>
Date: Wed, 19 May 2010 15:22:04 -0600
Message-id: <[🔎] 4BF4567C.7050202@gmail.com>
In-reply-to: <[🔎] 39a6ceb8f92bb5718dc558d118c572bf@imap.dd24.net>
References: <[🔎] 4BE830C8.5050009@gmail.com> <[🔎] 20100510162317.GI2652@radis.liafa.jussieu.fr> <[🔎] 87fx1ykjrt.fsf@windlord.stanford.edu> <[🔎] hsn1gf$cst$1@dough.gmane.org> <[🔎] 4BEFFA02.8000202@gmail.com> <[🔎] 87pr0vg07c.fsf@windlord.stanford.edu> <[🔎] alpine.DEB.1.10.1005170103200.6247@kolmogorov.unex.es> <[🔎] 84d3wvj7e5.fsf@sauna.l.org> <[🔎] alpine.DEB.1.10.1005171419450.12903@kolmogorov.unex.es> <[🔎] 844oi6k7x6.fsf@sauna.l.org> <[🔎] alpine.DEB.1.10.1005191903510.17907@cantor.unex.es> <[🔎] ht1j0f$m8o$1@dough.gmane.org> <[🔎] 39a6ceb8f92bb5718dc558d118c572bf@imap.dd24.net>

On 05/19/2010 03:11 PM, Christoph Anton Mitterer wrote:
> Or is that already, the case? At least I've had the impression that
> neither mine, nor the arguments of some other people (Harald, Peter, etc.)
> were even answered here.

You've only mentioned that SSH won't operate if the write bit is set on
the keys or anything under the ~/.ssh/ directory. Can you explain how an
ssh client failing to connect to an external ssh server because of the
umask is compromising security on the system?

Also, can you please provide an extra carriage return between your reply
and the quoted text? Reading your replies is a bit annoying.

> The reason could be that people simply don't recognise, that they might
> have compromised their own security... and those who know what happens
> don't complain.

Please explain how people's security is compromised because their umask
is 0002 instead of 0022. I'm still waiting for this FUD to be backed up.

-- 
. O .   O . O   . . O   O . .   . O .
. . O   . O O   O . O   . O O   . . O
O O O   . O .   . O O   O O .   O O O

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Re: UPG and the default umask
  - From: Christoph Anton Mitterer <calestyo@scientia.net>

References:
- UPG and the default umask
  - From: Aaron Toponce <aaron.toponce@gmail.com>
- Re: UPG and the default umask
  - From: Julien Cristau <jcristau@debian.org>
- Re: UPG and the default umask
  - From: Russ Allbery <rra@debian.org>
- Re: UPG and the default umask
  - From: Willi Mann <foss-ml@wm1.at>
- Re: UPG and the default umask
  - From: Aaron Toponce <aaron.toponce@gmail.com>
- Re: UPG and the default umask
  - From: Russ Allbery <rra@debian.org>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
- Re: UPG and the default umask
  - From: Santiago Vila <sanvila@unex.es>
- Re: UPG and the default umask
  - From: Willi Mann <foss-ml@wm1.at>
- Re: UPG and the default umask
  - From: Christoph Anton Mitterer <calestyo@scientia.net>

Prev by Date: Re: UPG and the default umask
Next by Date: Bug#582315: ITP: pyrit-cuda -- NVIDIA CUDA support for Pyrit
Previous by thread: Re: UPG and the default umask
Next by thread: Re: UPG and the default umask
Index(es):
- Date
- Thread