Le lundi 04 mai 2009 à 17:25 +0200, Yves-Alexis Perez a écrit : > On lun, 2009-05-04 at 10:23 +0200, Thomas Constans wrote: > > Package: thunar > > Version: 1.0.1-1 > > Severity: grave > > Tags: security > > Justification: user security hole > > > > > > A new directory, created from Thunar, will have permission 777, > > bypassing umask value. > > That's wrong, but I think you're bitten by the “daemon” status of > Thunar.
I think i understand this daemon stuff. I cant reproduce this bug. I must have met a rare race condition. I am not using any session manager. My window manager (awesome) is started from .xsession, where umask is not set, and i am not starting any thunar. I thought at first that launching thunar from a keyboard shortcut, provided by my wm, was responsible for this, but i've just check with a clean new X session, and it is not the case. new instances of thunar are respecting my umask. But then i have some pretty uncommon / personnalized desktop environment, so we shouldnot spend too much time on this bug Sorry for the report, Regards -- Thomas Constans 06 23 37 87 85 www.opendoor.fr -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
