On Fri, Jan 24, 2025 at 09:56:57AM +0000, Luca Boccassi wrote: > On Fri, 24 Jan 2025 01:38:21 +0100 Chris Hofstaedtler <z...@debian.org> > wrote: > > Control: tags -1 - moreinfo > > > > On Thu, Jan 23, 2025 at 07:18:39PM +0000, Luca Boccassi wrote: > > > On Thu, 23 Jan 2025 18:17:28 +0100 Chris Hofstaedtler > <z...@debian.org> > > > wrote: > > > > Source: systemd > > > > Version: 257.2-2 > > > > > > > > please apply this commit to the systemd that trixie will get: > > > > > > > > > > > > https://github.com/systemd/systemd/commit/a4d18914751e687c9e44f22fe4e5f95b843a45c8 > > > > > > > > It already changes the default to the value that we want (0600). > > > > > > This is quite an invasive patch, that would make stable release > > > maintenance more painful and time consuming. Can it not wait for > Forky? > > > Are there any pressing issues that would be solved with this > backport? > > > > The old defaults are a partial security problem (depending on who > > you ask). Previously users could call "mesg n" to be safe, and some > > root bashrcs seem to do that (maybe even by default in some > > releases). > > Can you please clarify the security problem it solves on the upstream > PR? If that's the case then it's a candidate for upstream stable > backports too, and then it can be picked from there
Here: https://github.com/systemd/systemd/issues/35599#issuecomment-2633559542 Chris
