Web lists-archives.com

Re: UMASK 002 or 022?




On 2017-06-29.15:43, gwmfms6@xxxxxxxxxxxxxxx wrote:
> The wider community doesn't seem that concerned with the fact that all
> Debian and Ubuntu users are now (with the most recent stable releases)
> completely unable to change their default umask (and further have a default
> setting that gives the world read access to all their documents). I think
> this needs to be viewed as a security issue.

Can you point to a real, specific security problem that this has caused?

> Even with the premise that the average Linux user is more computer competent
> than the average Windows or Mac user, I still don't think it's a fair
> assumption that all linux users know all about umask and permissions. Due to
> this, many users may unwittingly create "guest" accounts or friend accounts
> on their computers unknowingly giving read access to all documents they've
> created.

If windows is different, it looks to be the outlier because macOS
behaves the same way as Debian[0]:

  > For example, the default umask of 022 results in permissions of 644
  > on new files and 755 on new folders. Groups and other users can read
  > the files and traverse the folders, but only the owner can make
  > changes.

[0] https://support.apple.com/en-us/HT201684

-- 
Regards,
Scott.

Attachment: signature.asc
Description: PGP signature