On Tue 2018-02-06 14:43:56 -0500, Daniel Kahn Gillmor wrote: > There are legitimate cases (public archives) where a user might > actually want their archive to be readable to the world. > > "notmuch insert" historically used mode 0600 (unreadable by group or > other), but that choice doesn't appear to have been specifically > justified (perhaps an abundance of caution?). > > This patch also adjusts the default mode used for --create-folder, to > be mode 0755 before the application of the umask. > > If the user wants "notmuch insert" to create files or folders that are > not readable by group or other, they can set their umask more > restrictively.
I'm now having second thoughts about this.
postfix's local delivery agent has apparently been delivering with mode
0600 for nearly 20 years:
https://github.com/vdukhovni/postfix/blame/master/postfix/src/local/maildir.c#L188
And dovecot's lda defaults to 0600 on delivery:
https://sources.debian.org/src/dovecot/1:2.2.33.2-1/src/lib-storage/mail-storage.c/?hl=2591#L2591
So maybe there's something i don't know about why a delivery agent would
want to have this restrictive mask?
Perhaps a better way to fix this is with a new option to notmuch insert.
on IRC, bremner suggests something flexible like --mode=0600
I'm more inclined to keep it simpler and more usable (most people don't
know octal, let alone unix permissions bits) and just have a boolean
--world-readable which defaults to false (and switches between modes
0600 and 0644 for files, and 0700 and 0755 for directories).
Any thoughts?
--dkg
signature.asc
Description: PGP signature
_______________________________________________ notmuch mailing list [email protected] https://notmuchmail.org/mailman/listinfo/notmuch
