Drake Wilson dr...@begriffli.ch wrote:
Quoth Don Armstrong d...@debian.org, on 2010-05-15 14:40:05 -0700:
You don't need to detect UPG setups with 100% reliability; you can
just do the following:
1. If there a possibility of this being a UPG setup:
2. If this user's group has the same
Santiago Vila sanv...@unex.es wrote:
[...]
Problems like that are expected to happen, and I think we should be
ready to fix them as they are found, so that the umask setting can
really be a choice of the system admin, not an imposition of certain
key programs who do not work well enough on
On Sat, 2010-05-15 at 10:04 +0200, Andreas Metzler wrote:
#2 UPG with umask 022 is useless.
Why is it?
It makes that every user has its own group, and that other users can be
added to it.
This alone doesn't have any effect of course, as such added users have
read rights anyway.
But now it's easy
On Sat,15.May.10, 13:03:16, Christoph Anton Mitterer wrote:
On Sat, 2010-05-15 at 10:04 +0200, Andreas Metzler wrote:
#2 UPG with umask 022 is useless.
Why is it?
It makes that every user has its own group, and that other users can be
added to it.
This alone doesn't have any effect of
On Sat, 2010-05-15 at 14:23 +0300, Andrei Popescu wrote:
Why is an own group needed for this? Can't the admin just create groups
as needed where both users shall belong?
Well but that's always possible isn't it? So one could drop the concept
of UPGs completely...
Cheers,
Chris.
smime.p7s
On Sat,15.May.10, 13:30:14, Christoph Anton Mitterer wrote:
On Sat, 2010-05-15 at 14:23 +0300, Andrei Popescu wrote:
Why is an own group needed for this? Can't the admin just create groups
as needed where both users shall belong?
Well but that's always possible isn't it? So one could drop
Christoph Anton Mitterer schrieb:
#2 UPG with umask 022 is useless.
Why is it?
See http://lists.debian.org/debian-devel/2010/05/msg00315.html.
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
On Sat, 15 May 2010, Andreas Metzler wrote:
#4 We cannot reliably detect UPG-setups. (The setting
USERGROUPS=yes/no in /etc/adduser.conf is not relevant, e.g. in a
NIS szenario users are generated on the master system.)
You don't need to detect UPG setups with 100% reliability; you can
Quoth Don Armstrong d...@debian.org, on 2010-05-15 14:40:05 -0700:
You don't need to detect UPG setups with 100% reliability; you can
just do the following:
1. If there a possibility of this being a UPG setup:
2. If this user's group has the same name and GID as the user's name and
UID:
On Fri, 14 May 2010, Joey Hess wrote:
Vincent Danjean wrote:
I'm happy with this move. However, there is still an interaction with ssh
to deal with:
vdanj...@eyak:~$ chmod -Rv g+w .ssh/authorized_keys
vdanj...@eyak:~$ ssh localhost
vdanj...@localhost's password:
And, in
On Sat, 15 May 2010, Andreas Hemel wrote:
On Fri, May 14, 2010 at 01:21:41PM -0400, Joey Hess wrote:
Vincent Danjean wrote:
I'm happy with this move. However, there is still an interaction with ssh
to deal with:
vdanj...@eyak:~$ chmod -Rv g+w .ssh/authorized_keys
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Am Sa den 15. Mai 2010 um 0:24 schrieb Santiago Vila:
I remember that procmail had a similar problem, and the author
implemented a build macro for systems having UPG. From the changelog:
1999/03/02: v3.12
Changes to procmail:
Klaus Ethgen wrote:
Urgh, and as in debian this is set, procmail is per default unsave on
all systems where non UPG is used or where the user like to use his own
UPG for sharing purpose!?
To change all that software just to let the umask be convenient for just
one very special use case and
On Fri, 2010-05-14 at 21:07 -0400, Joey Hess wrote:
Your typical program with a dotfile relies on the user
choosing a safe combination of umask and directory permissions for its
security.
As you say,... it relies on the user...
At least half (!) of the bill (the default umask) is now taken
14 matches
Mail list logo