On Tue, May 18, 2010 at 3:12 PM, Harald Braumann <ha...@unheit.net> wrote: > On Tue, May 18, 2010 at 10:08:17AM +0000, Philipp Kern wrote: >> On 2010-05-18, Christoph Anton Mitterer <cales...@scientia.net> wrote: >> > Not to speak about, that UPG is anyway a questionable abuse of the >> > user/group concept. >> > >> > Neither to speak about the fact, that in the 17 years debian exists >> > now,... no majority missed that "feature" (apparently). >> >> So you present that as universal facts as if you've booked the truth >> (possibly a bad translation of a German saying). >> >> I think that feature is useful for all those who don't want to mess >> with ACLs. If you are not allowed to use ACLs and don't have UPG >> with sane umasks collaboration is painful (see e.g. Debian infrastrure >> with all users being in group Debian and default umask 0022 which >> leads to wrong permissions in setgid directories, with ACLs being >> disallowed). So indeed I got a script which does newgrp and >> setting the umask for me which I run whenever I want to do release >> tasks. But it would be more sane if the user wouldn't have to >> care about that. > > Let me quote from the comments in /etc/login.defs: > > # 022 is the "historical" value in Debian for UMASK when it was used > # 027, or even 077, could be considered better for privacy > # There is no One True Answer here : each sysadmin must make up his/her > # mind. > > And that's exactly the problem: there is no one-size-fits-all > for the umask. Yes, for collaboration in a setgid directory you'd have > to use 002 and thanks to UPG this is possible without compromising > security. But I consider this just a special case. There are > cases where Debian runs in a non-UPG environment, where you can't use > that umask. And I don't think that's uncommon. Think of a mixed > environment with Windows, where you might have a samba domain in LDAP. And > last time I checked, the smbldap-tools didn't support UPG.
Could you fill a bug report against smbldap-tools ? > So whatever value is used as the default, half of the users will have > to change it anyway, to fit their needs. And in such a case, where > there is no single optimal value, I'd rather have the most > conservative as default. > > If the umask is 022 and you create a setgid > directory and forget to change the umask, you will quickly realise > that things are not working as expected and fix it. If the umask is > 002 and you add your Debian system to a non-UPG environment and forget > to change the umask, things will still work perfectly but you put all > your files at risk and might not even realise it until it is too > late. Why not add a security dialog and assistant for installing and upgrading the system? It will ease the transition and fit allt the need, documenting drawbacks and advantages of each scheme ? And offer a sensible default choice (and skip button) for desktop user ? Regards Bastien > Cheers, > harry > > -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktin92rw-krk1jajy6knyqm6z-mzt4hd8wzchf...@mail.gmail.com
