This is on OpenSSH_6.3 from current. If I interpret the man page for
sftp-server(8) correctly, the option -u should set an explicit umask.
What looks like is happening instead is that the umask is OR'ed with an
established value. How do I set or override that initial umask?
What's happening is that with -u,
I can make a more restrictive setting:
for example, tightening umask down:
Match group foo
ForceCommand internal-sftp -u 777
gives:
---------- 1 foo foo 29 Oct 23 10:37 umask777
but opening umask up
Match group foo
ForceCommand internal-sftp -u 000
gives:
-rw-r--r-- 1 foo foo 29 Oct 23 10:36 umask000
What I was expecting for -u 000 would have been
-rw-rw-rw- 1 foo foo 29 Oct 23 10:35 umask000
What have I misconfigured?
Regards,
/Lars
