Re: Seeking consensus for some changes in adduser
Hi,
sorry for being so late in the discussion.
On Tue, 2022-07-19 at 08:49 +0200, Marc Haber wrote:
> We implemented that change last week, and promptly a bug report
> (#1014901) appeared, giving what we consider good arguments to change
> this back to 0700. Here is what the adduser team considers possible
> documentation for this, and we itend to include this in NEWS.Debian as a
> rationale for the change.
>
> [...]
>
> As mode 0700 provides both the most secure, unsurprising default, and is
> in line with most other major distributions, the adduser team considers
> the matter to be settled; any further discussion should come prepared
> with rationale, support, convincing use cases and a significant public
> discussion period.
Ubuntu changed the default DIR_MODE to 0750 in January 2021 [1] with the
same intention than Debian now. I like to see Debian and Ubuntu agree on
one default DIR_MODE to keep the package difference small and make
documentation shareable.
Since users have their own primary group, it makes more sense to
have this users group have read access. So people can easily add users
to other users groups to give them read access. I read through the mails
on Debian and found no mentioning about 0750 (and therefore no reason
against it). Therefore I suggest to change the default permission for
users from 0700 to 0750.
[1] https://launchpad.net/bugs/48734
--
Benjamin Drung
Debian & Ubuntu Developer
Reply to: