[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#264434: debian-policy: set default umask 002 for the user private groups use

Package: debian-policy
Severity: normal

stems from  #248140
 base-files: user private groups concept requires umask 002 to work

Please reasign to base-files if/when umask should be changed.

The question is if possible copying to systems without UPGs while
aliasing to "scp -p" warrants to disable the user private group benefits
for all debian systems by default.


>>> Since user private groups are in use on new installations by default the
>>> default umask should reflect that and be 002 in order to benefit from UPGs.

>> Just because Debian has user private groups by default does not mean
>> an umask of 002 is always "better" than 022. If, for example, I scp -p
>> a file from a Debian system to a system where there are not user private
>> groups, the file would become writeable by a lot of people other
>> than myself. That would often not be desirable.
>> So, I prefer not to change the umask to avoid surprises.

> Does scp not honor the remote umask?
> Without remote UPGs does scp allow making the file belong to a 
> group your user ID does not belog to? If you do those kind of things as 
> root between boxes with unsyncronized user bases, there is probably  more to it than 
> just UPGs?

but the user may have scp aliased to "scp -p",
in which case the permissions of the original file take precedence,
so, as I said, I prefer to follow the principle of least surprise here.

Reply to: