On Mon, May 17, 2010 at 3:34 PM, Marvin Renich <m...@renich.org> wrote:
> * Reinhard Tartler <siret...@debian.org> [100517 08:56]:
>> Let's have a look at the source. Note that options->usergroups is set
>> iff the option "usergroups" is used.
>>
>> ,----[modules/pam_umask/pam_umask.c]
>> | /* Set the process nice, ulimit, and umask from the
>> | password file entry. */
>> | static void
>> | setup_limits_from_gecos (pam_handle_t *pamh, options_t *options,
>> | struct passwd *pw)
>> | {
>> | char *cp;
>> |
>> | if (options->usergroups)
>> | {
>> | /* if not root, and UID == GID, and username is the same as
>> | primary group name, set umask group bits to be the same as
>> | owner bits (examples: 022 -> 002, 077 -> 007). */
>> | if (pw->pw_uid != 0 && pw->pw_uid == pw->pw_gid)
>> | {
>> | struct group *grp = pam_modutil_getgrgid (pamh, pw->pw_gid);
>> | if (grp && (strcmp (pw->pw_name, grp->gr_name) == 0))
>> | {
>> | mode_t oldmask = umask (0777);
>> | umask ((oldmask & ~070) | ((oldmask >> 3) & 070));
>> | }
>> | }
>> | }
>> `----
Another bug is the code does not check if they are only one user on the group.
Regards
Bastien
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/aanlktiljeb7l0vnlvyz-q3kij4fvrmxldjpkkz6v3...@mail.gmail.com
