[Bug 1095101] [NEW] files are created with insecure umask before being protected

Tue, 01 Jan 2013 10:40:54 -0800 

Public bug reported:

Using Déjà-Dup, I noticed the muliple backup volumes created on the
destination (sftp in my case) are initially created with a permissive
umask. Here is an example of a running backup:

root@xeon:/home/simon/laptop-bck# ls -l
total 278756
-rw------- 1 simon simon 26251167 2013-01-01 12:50 
duplicity-full.20130101T174732Z.vol10.difftar.gpg
-rw-r--r-- 1 simon simon 23134208 2013-01-01 12:50 
duplicity-full.20130101T174732Z.vol11.difftar.gpg
-rw------- 1 simon simon 26242590 2013-01-01 12:47 
duplicity-full.20130101T174732Z.vol1.difftar.gpg
-rw------- 1 simon simon 26200476 2013-01-01 12:47 
duplicity-full.20130101T174732Z.vol2.difftar.gpg
-rw------- 1 simon simon 26253055 2013-01-01 12:48 
duplicity-full.20130101T174732Z.vol3.difftar.gpg
-rw------- 1 simon simon 26200777 2013-01-01 12:48 
duplicity-full.20130101T174732Z.vol4.difftar.gpg
-rw------- 1 simon simon 26226816 2013-01-01 12:48 
duplicity-full.20130101T174732Z.vol5.difftar.gpg
-rw------- 1 simon simon 26219546 2013-01-01 12:49 
duplicity-full.20130101T174732Z.vol6.difftar.gpg
-rw------- 1 simon simon 26230722 2013-01-01 12:49 
duplicity-full.20130101T174732Z.vol7.difftar.gpg
-rw------- 1 simon simon 26217069 2013-01-01 12:49 
duplicity-full.20130101T174732Z.vol8.difftar.gpg
-rw------- 1 simon simon 26237182 2013-01-01 12:50 
duplicity-full.20130101T174732Z.vol9.difftar.gpg
drwx------ 2 root  root     16384 2013-01-01 12:44 lost+found

Where the "vol11" file is only chmod'ed once fully uploaded.


$ apt-cache policy duplicity deja-dup 
duplicity:
  Installed: 0.6.18-0ubuntu3
  Candidate: 0.6.18-0ubuntu3
  Version table:
 *** 0.6.18-0ubuntu3 0
        500 http://archive.ubuntu.com/ubuntu/ precise/main amd64 Packages
        100 /var/lib/dpkg/status
deja-dup:
  Installed: 22.0-0ubuntu3
  Candidate: 22.0-0ubuntu3
  Version table:
 *** 22.0-0ubuntu3 0
        500 http://archive.ubuntu.com/ubuntu/ precise-proposed/main amd64 
Packages
        100 /var/lib/dpkg/status
     22.0-0ubuntu2 0
        500 http://archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: duplicity 0.6.18-0ubuntu3
ProcVersionSignature: Ubuntu 3.2.0-35.55-generic 3.2.34
Uname: Linux 3.2.0-35-generic x86_64
ApportVersion: 2.0.1-0ubuntu17
Architecture: amd64
Date: Tue Jan  1 13:27:13 2013
MarkForUpload: True
ProcEnviron:
 LANGUAGE=en_CA:en
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_CA.UTF-8
 SHELL=/bin/bash
SourcePackage: duplicity
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: duplicity (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug precise running-unity

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1095101

Title:
  files are created with insecure umask before being protected

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/duplicity/+bug/1095101/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to