Bug#264434: debian-policy: set default umask 002 for the user private groups use
Package: debian-policy
Severity: normal
stems from #248140
base-files: user private groups concept requires umask 002 to work
Please reasign to base-files if/when umask should be changed.
The question is if possible copying to systems without UPGs while
aliasing to "scp -p" warrants to disable the user private group benefits
for all debian systems by default.
---
>>> Since user private groups are in use on new installations by default the
>>> default umask should reflect that and be 002 in order to benefit from UPGs.
>> Just because Debian has user private groups by default does not mean
>> an umask of 002 is always "better" than 022. If, for example, I scp -p
>> a file from a Debian system to a system where there are not user private
>> groups, the file would become writeable by a lot of people other
>> than myself. That would often not be desirable.
>>
>> So, I prefer not to change the umask to avoid surprises.
> Does scp not honor the remote umask?
> Without remote UPGs does scp allow making the file belong to a
> group your user ID does not belog to? If you do those kind of things as
> root between boxes with unsyncronized user bases, there is probably more to it than
> just UPGs?
but the user may have scp aliased to "scp -p",
in which case the permissions of the original file take precedence,
so, as I said, I prefer to follow the principle of least surprise here.
Reply to: