Bug#314539: [Pkg-shadow-devel] please remove UMASK from login.defs
martin f krafft
martin f krafft <madduck@debian.org>, 314539@bugs.debian.org
Mon, 20 Jun 2005 08:33:48 +0200
--Kj7319i9nmIyA2yE
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
also sprach Christian Perrier <bubulle@debian.org> [2005.06.20.0803 +0200]:
> > Summary: I would better wait _till_ pam_umask finds its way into
> > default Debian /etc/pam.d/common-session, and comment UMASK out
> > _after that_.
>=20
> Hmmm, you nearly manage to convince me. I send this to the BTS,
> for the record.
>=20
> Martin, please give your advice here.
I tend to agree; let's change existing practice when new and better
practice is *in place* and working. I would not object to see
libpam-umask in base, but I don't think it's going to happen "just
like that".
Maybe we should start small and add comments for now?
> Alex seems to have well proven that UMASK in login.defs is
> *currently* the only way to be sure that all possible ways to
> login to a system will have the right mask.
Proof incomplete... log in via SSH into a zsh shell and no umask
setting will take effect.
--=20
.''`. martin f. krafft <madduck@debian.org>
: :' : proud Debian developer, admin, user, and author
`. `'`
`- Debian - when you have better things to do than fixing a system
=20
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
=20
"life is what happens to you while you're busy making other plans."
-- john lennon
--Kj7319i9nmIyA2yE
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFCtmNMIgvIgzMMSnURAiusAJ9RgDeXqcXFILc0b+L25QJ8ibh/kQCfd0Zr
mkt9l8CGKheGuSBUMXhMiJI=
=GVuU
-----END PGP SIGNATURE-----
--Kj7319i9nmIyA2yE--