Debian Bug report logs - #581434
The default umask in Debian should be changed to '0002' to be fully compliant with user private groups


Package: base-files; Maintainer for base-files is Santiago Vila <sanvila@debian.org>; Source for base-files is src:base-files.

Reported by: Aaron Toponce <aaron.toponce@gmail.com>

Date: Wed, 12 May 2010 19:36:02 UTC

Severity: normal

Merged with 248140

Found in versions 3.0.14, base-files/5.3

Fixed in version base-files/5.4

Done: Santiago Vila <sanvila@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>:
Bug#581413; Package login. (Wed, 12 May 2010 19:36:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Aaron Toponce <aaron.toponce@gmail.com>:
New Bug report received and forwarded. Copy sent to Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>. (Wed, 12 May 2010 19:36:05 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Aaron Toponce <aaron.toponce@gmail.com>
To: submit@bugs.debian.org
Subject: The default umask in Debian should be changed to '0002' to be fully compliant with user private groups
Date: Wed, 12 May 2010 13:33:48 -0600
[Message part 1 (text/plain, inline)]
Package: login
Version: 1:4.1.4.2-1

First, a discussion about this bug on the debian-devel mailing list [1].
This affects unstable, testing and stable.

To summarize: Debian uses user private groups (UPG) by default. This
places each user on the system in their own default, private group, that
no one else is, or should be, a member of. However, the default umask
value for Debian is '0022'.

The old umask value comes from historical UNIX, where every user on the
system was placed in a "users" group. Thus, the write bit needed to be
removed from the group, to keep others from modifying personal files.

The discussion on the mailing list seems to be largely in favor of
making the change. Some favorable points brought up were:
* umask '0002' is default on most UNIX systems that use UPG
* Group collaboration means setting the SGID bit on directories, for the
appropriate group to be set on new files/dirs, but the write bit is
always missing in the group mode. Setting the default umask to '0002'
would fix this.
* According to [2], setting the umask to '0002' is recommended.
* Previous discussion here [3] and here [4].
* UPG without umask '0002' is pointless. We might as well be using the
'users' group.
* Our default setup of UPG with 'umask 0022' doesn't make sense. It's broken.

Those who seemed to not favor the change (correct me if I'm wrong),
brought up the following points:
* FACLs can fix any filesystem permission problem. For group
collaboration, FACLs should be, and usually are, used.
* 'umask 0002' and 'umask 0022' are not secure enough. The default umask
should be '0077' instead, increasing security of the system.
* PAM should be configured to make these changes rather than changing
the umask value.

For points of comparison, the following UNIX-like operating systems
implement UPG and 'umask 0002':
* Red Hat Enterprise Linux [5]
* Fedora
* CentOS
* Oracle Enterprise Linux

The following systems still use the older historical "users" group with
'umask 0022':
* openSUSE
* SUSE Enterprise Desktop
* SUSE Enterprise Server
* Slackware
* HP-UX
* Solaris

The following systems use UPG with 'umask 0022':
* FreeBSD
* OpenBSD
* NetBSD
* Ubuntu
* Arch

Other implementations:
* Mac OS X (places the user in the 'staff' group, and the root user in
the 'admin' group. default umask is 0022)
* Open Solaris (places the user in the 'staff' group, and the root user
in the 'root' group. default umask is 0022)

[1] http://lists.debian.org/debian-devel/2010/05/msg00252.html
[2] http://preview.tinyurl.com/3anklq9
[3] http://lists.debian.org/debian-user/1994/03/msg00105.html
[4] http://lists.debian.org/debian-user/1994/03/threads.html
[5] http://preview.tinyurl.com/2dambk2

Additional references:
* http://preview.tinyurl.com/3xzs2fe
* http://preview.tinyurl.com/55amty

-- 
. O .   O . O   . . O   O . .   . O .
. . O   . O O   O . O   . O O   . . O
O O O   . O .   . O O   O O .   O O O

[signature.asc (application/pgp-signature, attachment)]
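The mechanics the report relies on, as an added example that is not part of the bug report or of Debian's /etc/profile: a POSIX sh script that computes the mode a new file or directory receives under a given umask (the kernel clears the umask bits from the 0666 or 0777 a program requests), creates a real file under umask 0002 in a throwaway directory to confirm the arithmetic, and shows why a setgid project directory alone does not give collaborators write access under 022. The effective_mode, mode_of_new_file and shared_dir_outcome names are this example's own; it assumes GNU coreutils (stat -c, mktemp -d), as on Debian.

```shell
#!/bin/sh
# Added example (not from the bug report): how umask combines with the
# mode a program requests, and what that means on a UPG system.
#
# open(2)/creat(2) request 0666 for regular files and mkdir(2) requests
# 0777; the kernel clears whatever bits are set in the process umask.

# effective_mode REQUESTED UMASK -> resulting mode, printed in octal
effective_mode() {
    printf '%o\n' $(( $1 & ~$2 ))
}

# mode_of_new_file UMASK -> mode the kernel actually gives a file created
# under that umask. Runs in a subshell so the caller's umask is untouched.
# Assumes GNU stat (Debian coreutils).
mode_of_new_file() {
    (
        umask "$1" || exit 1
        dir=$(mktemp -d) || exit 1
        : > "$dir/newfile"
        stat -c '%a' "$dir/newfile"
        rm -rf "$dir"
    )
}

# Shared-directory scenario from the report: with setgid on a project
# directory, new files inherit the project group, but under 022 the
# group write bit is still cleared, so collaborators cannot edit them.
# shared_dir_outcome UMASK -> "group-writable" or "read-only for group"
shared_dir_outcome() {
    mode=$(effective_mode 0666 "$1")
    if [ $(( 0$mode & 020 )) -ne 0 ]; then
        echo group-writable
    else
        echo "read-only for group"
    fi
}

main() {
    # The three umasks argued over in the thread: historic, UPG, paranoid.
    for u in 0022 0002 0077; do
        printf 'umask %s: file %s, dir %s, in a setgid project dir: %s\n' \
            "$u" "$(effective_mode 0666 "$u")" "$(effective_mode 0777 "$u")" \
            "$(shared_dir_outcome "$u")"
    done
    printf 'file created under umask 0002 really got mode %s\n' \
        "$(mode_of_new_file 0002)"
}
main "$@"
```

Run it as a script; each output line is one of the umasks discussed in the thread, so the "in a setgid project dir" column states the collaboration argument in one place: setgid fixes the group of new files, but only a umask without the 020 bit lets that group write to them.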

Information forwarded to debian-bugs-dist@lists.debian.org, Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>:
Bug#581413; Package login. (Wed, 12 May 2010 23:21:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Jonathan Nieder <jrnieder@gmail.com>:
Extra info received and forwarded to list. Copy sent to Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>. (Wed, 12 May 2010 23:21:04 GMT) Full text and rfc822 format available.

Message #10 received at 581413@bugs.debian.org (full text, mbox):

From: Jonathan Nieder <jrnieder@gmail.com>
To: base-files@packages.debian.org
Cc: 581413@bugs.debian.org, Aaron Toponce <aaron.toponce@gmail.com>
Subject: Re: The default umask in Debian should be changed to '0002' to be fully compliant with user private groups
Date: Wed, 12 May 2010 18:17:59 -0500
clone 581413 -1
# File: /usr/share/base-files/profile
reassign -1 base-files 5.3
quit

Hi Santiago,

Aaron Toponce wrote:

> To summarize: Debian uses user private groups (UPG) by default. This
> places each user on the system in their own default, private group, that
> no one else is, or should be, a member of. However, the default umask
> value for Debian is '0022'.

For what it’s worth, since this would not affect already-installed
systems, changing the default umask to 002 seems like a safe and
reasonable choice to me.

Regards,
Jonathan

[1] http://lists.debian.org/debian-devel/2010/05/msg00252.html
[2] http://www.debian.org/doc/manuals/securing-debian-howto/ch12.en.html#s12.1.13
[3] http://lists.debian.org/debian-user/1994/03/msg00105.html
[4] http://lists.debian.org/debian-user/1994/03/threads.html
[5] http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/Deployment_Guide-en-US/s1-users-groups-private-groups.html

 * https://security.ias.edu/how-and-why-user-private-groups-unix
 * http://www.oreillynet.com/onlamp/blog/2006/09/using_user_private_groups.html




Bug 581413 cloned as bug 581434. Request was from Jonathan Nieder <jrnieder@gmail.com> to control@bugs.debian.org. (Wed, 12 May 2010 23:21:05 GMT) Full text and rfc822 format available.

Bug reassigned from package 'login' to 'base-files'. Request was from Jonathan Nieder <jrnieder@gmail.com> to control@bugs.debian.org. (Wed, 12 May 2010 23:21:08 GMT) Full text and rfc822 format available.

Bug No longer marked as found in versions shadow/1:4.1.4.2-1. Request was from Jonathan Nieder <jrnieder@gmail.com> to control@bugs.debian.org. (Wed, 12 May 2010 23:21:09 GMT) Full text and rfc822 format available.

Bug Marked as found in versions base-files/5.3. Request was from Jonathan Nieder <jrnieder@gmail.com> to control@bugs.debian.org. (Wed, 12 May 2010 23:21:10 GMT) Full text and rfc822 format available.

Merged 248140 581434. Request was from Jonathan Nieder <jrnieder@gmail.com> to control@bugs.debian.org. (Thu, 13 May 2010 12:45:05 GMT) Full text and rfc822 format available.

Reply sent to Santiago Vila <sanvila@debian.org>:
You have taken responsibility. (Thu, 13 May 2010 17:21:14 GMT) Full text and rfc822 format available.

Notification sent to Aaron Toponce <aaron.toponce@gmail.com>:
Bug acknowledged by developer. (Thu, 13 May 2010 17:21:14 GMT) Full text and rfc822 format available.

Message #25 received at 581434-close@bugs.debian.org (full text, mbox):

From: Santiago Vila <sanvila@debian.org>
To: 581434-close@bugs.debian.org
Subject: Bug#581434: fixed in base-files 5.4
Date: Thu, 13 May 2010 17:17:58 +0000
Source: base-files
Source-Version: 5.4

We believe that the bug you reported is fixed in the latest version of
base-files, which is due to be installed in the Debian FTP archive:

base-files_5.4.dsc
  to main/b/base-files/base-files_5.4.dsc
base-files_5.4.tar.gz
  to main/b/base-files/base-files_5.4.tar.gz
base-files_5.4_powerpc.deb
  to main/b/base-files/base-files_5.4_powerpc.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 581434@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Santiago Vila <sanvila@debian.org> (supplier of updated base-files package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 13 May 2010 18:35:42 +0200
Source: base-files
Binary: base-files
Architecture: source powerpc
Version: 5.4
Distribution: unstable
Urgency: low
Maintainer: Santiago Vila <sanvila@debian.org>
Changed-By: Santiago Vila <sanvila@debian.org>
Description: 
 base-files - Debian base system miscellaneous files
Closes: 248140 572245 581434
Changes: 
 base-files (5.4) unstable; urgency=low
 .
   * Changed umask in default /etc/profile to 002, which makes a little bit
     more sense than 022 on systems like Debian having User Private Groups.
     As usual for /etc/profile, only new installs will have the new default,
     so nobody will be surprised by this on upgrades. Hopefully, this change
     will be documented in the release notes for squeeze as well, for users
     who install squeeze from scratch. Closes: #248140, #581434.
   * Refresh GNU licenses from http://ftp.gnu.org/gnu/Licenses/, as they
     have expanded the embedded tabs. Closes: #572245.
   * Switch to "3.0 (native)" format.
Checksums-Sha1: 
 576d45ebc991662a602c28fd82611cad32379d4a 971 base-files_5.4.dsc
 a7a035eb652be615135cea92838b8dee857f9bec 71285 base-files_5.4.tar.gz
 496524cc7b82a103d4e9c81150b756bdb5d332b8 73410 base-files_5.4_powerpc.deb
Checksums-Sha256: 
 41741b24f0d0b3df8eaa84268e80a976adc772604d52a5f0c3e7fa2e9a74fc4f 971 base-files_5.4.dsc
 0ba2dd22029fdd7eebd56bf2734b560b38db9a9b48e0cf5b4568afef7dcb11bc 71285 base-files_5.4.tar.gz
 00dd8547c38433dd2a00bffdcd65c752a6fefa5fa44934d0b4547719bf5e5940 73410 base-files_5.4_powerpc.deb
Files: 
 f07ba161bec1be496ca814d634873551 971 admin required base-files_5.4.dsc
 e4858789c1d7aff14837dba3e61850ef 71285 admin required base-files_5.4.tar.gz
 efb32989cadfe0a7a14ef06a8ec357d2 73410 admin required base-files_5.4_powerpc.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQEcBAEBCAAGBQJL7CsvAAoJEEHOfwufG4sysOEIAKhlHQdeB6Wd6bM8J4w5euV8
bZffG3Pq8J2gSbzK9FvYcKvRXN1CP73AxaffMEvLdL1KJZ6aSukzXZXkVXozDYj/
UbVo8fFPAAkwL4h2E5FUCzQaJxPtnlVQYU0/iHgs6nBg8GiRYqW5kom1RzpzKQVm
HRnc3ndSHux8QnzqEFgEsF/3Q8oO7AiHEWd164jBQp/UHtnuWufVtaPSy7mMVb2G
odOWG8K0hsq99rP9KLJFvAfoggib4jK8XVdV1mFK9VuXGcGxTYhlWVrteCY+/ndg
xoLJkQZoKiehQ7zrZmILI6J0g0zHFKtAyg1wp6LfboM2ilhC1wVRicksnwcnHDI=
=vFXM
-----END PGP SIGNATURE-----





Reply sent to Santiago Vila <sanvila@debian.org>:
You have taken responsibility. (Thu, 13 May 2010 17:21:14 GMT) Full text and rfc822 format available.

Notification sent to Christian Gatzemeier <c.gatzemeier@tu-bs.de>:
Bug acknowledged by developer. (Thu, 13 May 2010 17:21:14 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@debian.org>:
Bug#581434; Package base-files. (Fri, 14 May 2010 07:51:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Vincent Danjean <vdanjean.ml@free.fr>:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@debian.org>. (Fri, 14 May 2010 07:51:03 GMT) Full text and rfc822 format available.

Message #35 received at 581434@bugs.debian.org (full text, mbox):

From: Vincent Danjean <vdanjean.ml@free.fr>
To: debian-devel@lists.debian.org, 581434@bugs.debian.org
Subject: Re: UPG and the default umask
Date: Fri, 14 May 2010 09:46:27 +0200
On 13/05/2010 19:45, Aaron Toponce wrote:
> On 5/13/2010 3:48 AM, Santiago Vila wrote:
>> Will be done in base-files 5.4.
> 
> I just saw the change committed. Thank you very much! This is good news.
> 
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581434#25

I'm happy with this move. However, there is still an interaction with ssh
to deal with:
vdanjean@eyak:~$ chmod -Rv g+w .ssh/authorized_keys
vdanjean@eyak:~$ ssh localhost
vdanjean@localhost's password:
And, in /var/log/auth.log:
May 14 09:42:17 eyak sshd[1618]: Authentication refused: bad ownership or modes for file /home/vdanjean/.ssh/authorized_keys

vdanjean@eyak:~$ chmod -Rv g-w .ssh/authorized_keys
mode of '.ssh/authorized_keys' changed to 0644 (rw-r--r--).
vdanjean@eyak:~$ ssh localhost
You have mail.
Last login: Tue May 11 17:10:30 2010
vdanjean@eyak:~$

My system is in UPG but I was using default umask 022

  Regards
    Vincent

-- 
Vincent Danjean       GPG key ID 0x9D025E87         vdanjean@debian.org
GPG key fingerprint: FC95 08A6 854D DB48 4B9A  8A94 0BF7 7867 9D02 5E87
Unofficial packages: http://moais.imag.fr/membres/vincent.danjean/deb.html
APT repo:  deb http://perso.debian.org/~vdanjean/debian unstable main





Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@debian.org>:
Bug#581434; Package base-files. (Fri, 14 May 2010 17:24:08 GMT) Full text and rfc822 format available.

Acknowledgement sent to Joey Hess <joeyh@debian.org>:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@debian.org>. (Fri, 14 May 2010 17:24:08 GMT) Full text and rfc822 format available.

Message #40 received at 581434@bugs.debian.org (full text, mbox):

From: Joey Hess <joeyh@debian.org>
To: debian-devel@lists.debian.org, 581434@bugs.debian.org
Subject: Re: UPG and the default umask
Date: Fri, 14 May 2010 13:21:41 -0400
[Message part 1 (text/plain, inline)]
Vincent Danjean wrote:
> I'm happy with this move. However, there is still an interaction with ssh
> to deal with:

> vdanjean@eyak:~$ chmod -Rv g+w .ssh/authorized_keys
> vdanjean@eyak:~$ ssh localhost
> vdanjean@localhost's password:
> And, in /var/log/auth.log:
> May 14 09:42:17 eyak sshd[1618]: Authentication refused: bad ownership or modes for file /home/vdanjean/.ssh/authorized_keys

maildrop has the same problem with .mailfilter files.

-- 
see shy jo
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@debian.org>:
Bug#581434; Package base-files. (Fri, 14 May 2010 18:21:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Christoph Anton Mitterer <calestyo@scientia.net>:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@debian.org>. (Fri, 14 May 2010 18:21:03 GMT) Full text and rfc822 format available.

Message #45 received at 581434@bugs.debian.org (full text, mbox):

From: Christoph Anton Mitterer <calestyo@scientia.net>
To: 581434@bugs.debian.org
Subject: Re: The default umask in Debian should be changed to '0002' to be fully compliant with user private groups
Date: Fri, 14 May 2010 20:19:17 +0200
[Message part 1 (text/plain, inline)]
Hi.


I guess the last two reports from Vincent and Joey already show quite
well that such an open default mask is a very bad idea.


Cheers,
Chris.
[smime.p7s (application/x-pkcs7-signature, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@debian.org>:
Bug#581434; Package base-files. (Fri, 14 May 2010 22:54:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Andreas Hemel <dai.shan@gmx.net>:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@debian.org>. (Fri, 14 May 2010 22:54:04 GMT) Full text and rfc822 format available.

Message #50 received at 581434@bugs.debian.org (full text, mbox):

From: Andreas Hemel <dai.shan@gmx.net>
To: debian-devel@lists.debian.org
Cc: 581434@bugs.debian.org
Subject: Re: UPG and the default umask
Date: Sat, 15 May 2010 00:50:31 +0200
On Fri, May 14, 2010 at 01:21:41PM -0400, Joey Hess wrote:
> Vincent Danjean wrote:
> > I'm happy with this move. However, there is still an interaction with ssh
> > to deal with:
> 
> > vdanjean@eyak:~$ chmod -Rv g+w .ssh/authorized_keys
> > vdanjean@eyak:~$ ssh localhost
> > vdanjean@localhost's password:
> > And, in /var/log/auth.log:
> > May 14 09:42:17 eyak sshd[1618]: Authentication refused: bad ownership or modes for file /home/vdanjean/.ssh/authorized_keys
> 
> maildrop has the same problem with .mailfilter files.

As does exim with .forward files. Should this be reported as a bug
against exim, now that the default umask will change?


Andreas




Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@debian.org>:
Bug#581434; Package base-files. (Fri, 14 May 2010 23:27:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Santiago Vila <sanvila@unex.es>:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@debian.org>. (Fri, 14 May 2010 23:27:04 GMT) Full text and rfc822 format available.

Message #55 received at 581434@bugs.debian.org (full text, mbox):

From: Santiago Vila <sanvila@unex.es>
To: 581434@bugs.debian.org
Cc: debian-devel@lists.debian.org
Subject: Re: Bug#581434: UPG and the default umask
Date: Sat, 15 May 2010 01:24:12 +0200 (CEST)
On Fri, 14 May 2010, Joey Hess wrote:

> Vincent Danjean wrote:
> > I'm happy with this move. However, there is still an interaction with ssh
> > to deal with:
> 
> > vdanjean@eyak:~$ chmod -Rv g+w .ssh/authorized_keys
> > vdanjean@eyak:~$ ssh localhost
> > vdanjean@localhost's password:
> > And, in /var/log/auth.log:
> > May 14 09:42:17 eyak sshd[1618]: Authentication refused: bad ownership or modes for file /home/vdanjean/.ssh/authorized_keys
> 
> maildrop has the same problem with .mailfilter files.

Problems like that are expected to happen, and I think we should be
ready to fix them as they are found, so that the umask setting can
really be a choice of the system admin, not an imposition of certain
key programs which do not work well enough on systems having UPG and a
default umask of 002.

I remember that procmail had a similar problem, and the author
implemented a build macro for systems having UPG. From the changelog:

1999/03/02: v3.12
      Changes to procmail:
          - Don't use $HOME/.procmailrc if it's group-writable or in a
            group-writable directory, unless it's the user's default group
            and GROUP_PER_USER is set in config.h




Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@debian.org>:
Bug#581434; Package base-files. (Fri, 14 May 2010 23:39:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Santiago Vila <sanvila@unex.es>:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@debian.org>. (Fri, 14 May 2010 23:39:06 GMT) Full text and rfc822 format available.

Message #60 received at 581434@bugs.debian.org (full text, mbox):

From: Santiago Vila <sanvila@unex.es>
To: 581434@bugs.debian.org
Cc: debian-devel@lists.debian.org
Subject: Re: Bug#581434: UPG and the default umask
Date: Sat, 15 May 2010 01:38:20 +0200 (CEST)
On Sat, 15 May 2010, Andreas Hemel wrote:

> On Fri, May 14, 2010 at 01:21:41PM -0400, Joey Hess wrote:
> > Vincent Danjean wrote:
> > > I'm happy with this move. However, there is still an interaction with ssh
> > > to deal with:
> > 
> > > vdanjean@eyak:~$ chmod -Rv g+w .ssh/authorized_keys
> > > vdanjean@eyak:~$ ssh localhost
> > > vdanjean@localhost's password:
> > > And, in /var/log/auth.log:
> > > May 14 09:42:17 eyak sshd[1618]: Authentication refused: bad ownership or modes for file /home/vdanjean/.ssh/authorized_keys
> > 
> > maildrop has the same problem with .mailfilter files.
> 
> As does exim with .forward files. Should this be reported as a bug
> against exim, now that the default umask will change?

I think so.

Ideally, we should support both 022 and 002 as umask.

Unfortunately, we have been using 022 for so long that we don't even
know what things have to be changed so that "everything works" when
umask is 002.

So, for practical purposes, setting 002 as the default umask is
probably the best (or maybe just the only) way to discover what needs
to be fixed when the umask is 002.




Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@debian.org>:
Bug#581434; Package base-files. (Sat, 15 May 2010 01:15:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Joey Hess <joeyh@debian.org>:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@debian.org>. (Sat, 15 May 2010 01:15:03 GMT) Full text and rfc822 format available.

Message #65 received at 581434@bugs.debian.org (full text, mbox):

From: Joey Hess <joeyh@debian.org>
To: Vincent Danjean <vdanjean.ml@free.fr>
Cc: debian-devel@lists.debian.org, 581434@bugs.debian.org
Subject: Re: UPG and the default umask
Date: Fri, 14 May 2010 21:12:47 -0400
[Message part 1 (text/plain, inline)]
Vincent Danjean wrote:
> I'm happy with this move. However, there is still an interaction with ssh
> to deal with:
> vdanjean@eyak:~$ chmod -Rv g+w .ssh/authorized_keys
> vdanjean@eyak:~$ ssh localhost
> vdanjean@localhost's password:
> And, in /var/log/auth.log:
> May 14 09:42:17 eyak sshd[1618]: Authentication refused: bad ownership or modes for file /home/vdanjean/.ssh/authorized_keys
> 
> vdanjean@eyak:~$ chmod -Rv g-w .ssh/authorized_keys
> mode of '.ssh/authorized_keys' changed to 0644 (rw-r--r--).
> vdanjean@eyak:~$ ssh localhost
> You have mail.
> Last login: Tue May 11 17:10:30 2010
> vdanjean@eyak:~$
> 
> My system is in UPG but I was using default umask 022

FWIW, for openssh this is supposed to be fixed in version 1:4.1p1-3.
See #314347. It was changed to allow group-writable files if
the owner is the only member in the group.

-- 
see shy jo
[signature.asc (application/pgp-signature, inline)]
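The rule Joey describes for Debian's openssh (and the one procmail's GROUP_PER_USER build option encodes, as quoted from its changelog earlier in this log), as an added example that is not the openssh or procmail code: a POSIX sh function that refuses world-writable files outright, accepts files that are not group-writable, and accepts a group-writable file only when the group bears the owner's name and /etc/group lists no other member. The upg_aware_mode_check and check_file names, the "strict"/"upg" policy switch and the sample user names are this example's own; check_file assumes GNU stat and getent, as on Debian.

```shell
#!/bin/sh
# Added example (not from the bug report, not the openssh or procmail
# source): a model of the UPG-aware ownership check described in the
# thread, i.e. a group-writable file is acceptable only when the group is
# the owner's private group and nobody else is in it.

# upg_aware_mode_check MODE OWNER GROUP MEMBERS [POLICY]
#   MODE     octal file mode, e.g. 664
#   OWNER    owner's user name
#   GROUP    file's group name
#   MEMBERS  field 4 of that group's /etc/group entry (comma-separated,
#            possibly empty)
#   POLICY   "strict": refuse every group-writable file (the historic rule
#            behind "bad ownership or modes" in auth.log above)
#            "upg" (default): allow group write for the owner's private group
# Returns 0 = accept, 1 = refuse.
upg_aware_mode_check() {
    mode=$1 owner=$2 group=$3 members=$4 policy=${5:-upg}
    # World-writable is never acceptable for a file a daemon acts on.
    [ $(( 0$mode & 02 )) -eq 0 ] || return 1
    # Not group-writable: nothing more to check.
    [ $(( 0$mode & 020 )) -ne 0 ] || return 0
    [ "$policy" = upg ] || return 1
    # A private group carries the owner's own name (as adduser creates it)...
    [ "$group" = "$owner" ] || return 1
    # ...and lists nobody else in /etc/group. A user whose primary gid in
    # /etc/passwd equals this group's gid is a member without appearing
    # here, so a complete check would also scan passwd for that gid.
    case ",$members," in
        ,,|",$owner,") return 0 ;;
        *)             return 1 ;;
    esac
}

# check_file PATH: feed a real file's metadata to the check.
# Assumes GNU stat and getent, as on Debian.
check_file() {
    info=$(stat -c '%a %U %G' "$1") || return 2
    set -- $info
    members=$(getent group "$3" | cut -d: -f4)
    if upg_aware_mode_check "$1" "$2" "$3" "$members" upg; then
        echo "accept"
    else
        echo "refuse: bad ownership or modes"
    fi
}
```

With the "strict" policy the function reproduces the refusal in Vincent's auth.log line for a 664 authorized_keys; with "upg" it accepts that file for vdanjean:vdanjean and an empty member list, and still refuses it for a shared group such as users or for a private group that has gained a second member. The comment about /etc/passwd is the gap to keep in mind when relying on this rule: membership via a shared primary gid is invisible to a check that reads only the group file.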

Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@debian.org>:
Bug#581434; Package base-files. (Sat, 15 May 2010 05:54:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Aaron Toponce <aaron.toponce@gmail.com>:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@debian.org>. (Sat, 15 May 2010 05:54:04 GMT) Full text and rfc822 format available.

Message #70 received at 581434@bugs.debian.org (full text, mbox):

From: Aaron Toponce <aaron.toponce@gmail.com>
To: 581434@bugs.debian.org
Subject: Re: Bug#581434 closed by Santiago Vila <sanvila@debian.org> (Bug#581434: fixed in base-files 5.4)
Date: Fri, 14 May 2010 23:49:48 -0600
[Message part 1 (text/plain, inline)]
On 05/13/2010 11:21 AM, Debian Bug Tracking System wrote:
> This is an automatic notification regarding your Bug report
> which was filed against the base-files package:
> 
> #581434: The default umask in Debian should be changed to '0002' to be fully compliant with user private groups
> 
> It has been closed by Santiago Vila <sanvila@debian.org>.
> 
> Their explanation is attached below along with your original report.
> If this explanation is unsatisfactory and you have not received a
> better one in a separate message then please contact Santiago Vila <sanvila@debian.org> by
> replying to this email.

I think some additional configuration might need to be in place with
this change. UPG assumes that the group is indeed private. However, this
isn't necessarily the case for system accounts, where the UID < 100 (per
the Debian docs). There might be many members of the wheel group, tty
group, etc., for which this umask isn't appropriate, as technically the group
isn't a "UPG". So, some logic should be placed in the /etc/profile file
to accommodate this:

# If not a system account, and the user name matches the group name,
# it's a user private group, so set umask=0002. Otherwise, it's not
# a user private group, so set umask=0022.
# id -u is used instead of $UID because /etc/profile is also read by
# plain sh, where $UID is not set.
if [ "$(id -u)" -gt 99 ] && [ "$(id -un)" = "$(id -gn)" ]; then
    umask 0002
else
    umask 0022
fi

Thoughts?

-- 
. O .   O . O   . . O   O . .   . O .
. . O   . O O   O . O   . O O   . . O
O O O   . O .   . O O   O O .   O O O

[signature.asc (application/pgp-signature, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@debian.org>:
Bug#581434; Package base-files. (Sat, 15 May 2010 06:21:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Vincent Danjean <vdanjean.ml@free.fr>:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@debian.org>. (Sat, 15 May 2010 06:21:03 GMT) Full text and rfc822 format available.

Message #75 received at 581434@bugs.debian.org (full text, mbox):

From: Vincent Danjean <vdanjean.ml@free.fr>
To: debian-devel@lists.debian.org, 581434@bugs.debian.org
Subject: Re: UPG and the default umask
Date: Sat, 15 May 2010 08:16:45 +0200
On 15/05/2010 03:12, Joey Hess wrote:
> Vincent Danjean wrote:
>> I'm happy with this move. However, there is still an interaction with ssh
>> to deal with:
>> vdanjean@eyak:~$ chmod -Rv g+w .ssh/authorized_keys
>> vdanjean@eyak:~$ ssh localhost
>> vdanjean@localhost's password:
>> And, in /var/log/auth.log:
>> May 14 09:42:17 eyak sshd[1618]: Authentication refused: bad ownership or modes for file /home/vdanjean/.ssh/authorized_keys
>>
>> vdanjean@eyak:~$ chmod -Rv g-w .ssh/authorized_keys
>> mode of '.ssh/authorized_keys' changed to 0644 (rw-r--r--).
>> vdanjean@eyak:~$ ssh localhost
>> You have mail.
>> Last login: Tue May 11 17:10:30 2010
>> vdanjean@eyak:~$
>>
>> My system is in UPG but I was using default umask 022
> 
> FWIW, for openssh this is supposed to be fixed in version 1:4.1p1-3.
> See #314347. It was changed to allow group-writable files if
> the owner is the only member in the group.

Something is wrong here. Should 314347 be reopened?

vdanjean@eyak:~$ LC_ALL=C apt-cache policy openssh-server
openssh-server:
  Installed: 1:5.5p1-3
  Candidate: 1:5.5p1-3
  Version table:
 *** 1:5.5p1-3 0
        500 http://ftp.fr.debian.org unstable/main Packages
        500 http://ftp.fr.debian.org testing/main Packages
        100 /var/lib/dpkg/status
     1:5.1p1-5 0
        500 http://ftp.fr.debian.org stable/main Packages
     1:4.3p2-9etch3 0
        500 http://ftp.fr.debian.org oldstable/main Packages
vdanjean@eyak:~$ cat /etc/group /etc/passwd | grep '^vdanjean'
vdanjean:x:1000:
vdanjean:x:1000:1000:Vincent Danjean,,,:/home/vdanjean:/bin/bash
vdanjean@eyak:~$



-- 
Vincent Danjean       GPG key ID 0x9D025E87         vdanjean@debian.org
GPG key fingerprint: FC95 08A6 854D DB48 4B9A  8A94 0BF7 7867 9D02 5E87
Unofficial packages: http://moais.imag.fr/membres/vincent.danjean/deb.html
APT repo:  deb http://perso.debian.org/~vdanjean/debian unstable main





Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@debian.org>:
Bug#581434; Package base-files. (Sat, 15 May 2010 10:42:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Santiago Vila <sanvila@unex.es>:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@debian.org>. (Sat, 15 May 2010 10:42:03 GMT) Full text and rfc822 format available.

Message #80 received at 581434@bugs.debian.org (full text, mbox):

From: Santiago Vila <sanvila@unex.es>
To: Aaron Toponce <aaron.toponce@gmail.com>, 581434@bugs.debian.org
Subject: Re: Bug#581434: closed by Santiago Vila <sanvila@debian.org> (Bug#581434: fixed in base-files 5.4)
Date: Sat, 15 May 2010 12:39:36 +0200 (CEST)
On Fri, 14 May 2010, Aaron Toponce wrote:

> I think some additional configuration might need to be in place with
> this change. UPG assumes that the group is indeed private. However, this
> isn't necessarily the case for system accounts, where the UID < 100 (per
> the Debian docs). There might be many members of the wheel group, tty
> group, etc., for which this umask isn't appropriate, as technically the group
> isn't a "UPG". So, some logic should be placed in the /etc/profile file
> to accommodate this:
> 
> # If not a system account, and the user name matches the group name
> # it's a user private group, and set umask=0002. Otherwise, it's not
> # a user private group, so set umask=0022.
> if [ "$UID" -gt 99 ] && [ "$(id -un)" = "$(id -gn)" ]; then
>     umask 0002
> else
>     umask 0022
> fi
> 
> Thoughts?

The user root has its Private Group.

The other system accounts do not "login" to the system, i.e. their
processes do not read /etc/profile.




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 28 Jun 2010 07:34:24 GMT) Full text and rfc822 format available.



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Apr 16 08:09:23 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.