Bug#269583: Which setting really affects the default umask?

April 15th, 2005 - 01:40 pm ET by Christian Perrier | Report spam

In #269583, the bug submitter says:

The default UMASK value 022 is insecure for default Debian installation.
I suggest using more strict 027 in /etc/login.defs

Indeed, even when I change this setting in /etc/login.defs, I still
get a OO22 umask.

Is the setting in /etc/login.defs still used or do I again miss some
PAM magic here?

To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Follow the discussion Replies

1 reply

Make a reply

Replies

#1 Alexander Gattin

April 15th, 2005 - 08:00 pm ET | Report spam

Hi!

On Fri, Apr 15, 2005 at 07:12:33PM +0200, Christian Perrier wrote:

> The default UMASK value 022 is insecure for default Debian installation.
I suggest using more strict 027 in /etc/login.defs

For what? The default is there for years. Who wants
will change that him/herself.

Indeed, even when I change this setting in /etc/login.defs, I still
get a OO22 umask.

Is the setting in /etc/login.defs still used or do I again miss some
PAM magic here?

No, the matter is much more simple. The umask is also
frequently set in shell rc scripts. Look into .bashrc,
.bash_profile, .profile and so on including system-wide
files (especially /etc/profile ;)).

Here we have a problem of keeping a single setting in a
bunch of different places, while there should be exactly
two -- system-wide PAM plus per-user PAM (currently
there is no such module in existence).
WBR,
xrgtn

To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact

Read all the answers

Bug#269583: Which setting really affects the default umask?

Replies

Similar topics