About umask for paranoids

To: <debian-security@lists.debian.org>
Subject: About umask for paranoids
From: Julián Muñoz <jmunoz@telefonica.net>
Date: Tue, 9 Apr 2002 00:11:23 +0000 (GMT)
Message-id: <[🔎] Pine.LNX.4.30.0204082355150.3152-100000@julian.ea4acl.ampr.org>

Hello,

I am using potato, from 6 month now, and well, I like it very much, but
something is chocking me very much:

some log files, some configuration files, and some "other things I don't
expected" are world readable.

So, I know, I could change it by hand. But it seems a generic behaviour
of Debian, due to the default umask.

Do you know if it is possible to change the defauld debian umask ?
What would be then the effect over the installed packages ?

Is it possible to set this default "paranoid" umask at instalation stage
of Debian ?

But then, would a lot of things be broken ? In what measure Debian
packages rely on the default umask ??


I have been searching about this on the lists, google, etc..., and don't
find any mention. So now in fact I am asking myself is my conception about
umask security is good.



Some related questions:

By default, /root is world readable ? (I think I fixed this, but not sure)

What umask "sees" apache or apache-ssl ? (I had to change some
permissions of the logs...)


In fact, I think that what is happening is normal: with the current
default umask, you always have some "suprises"...


Thank you !!  :-)



-- 
Saludos de Julián
EA4ACL
-.-


--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Prev by Date: unsubscribe
Next by Date: unsubscribe
Previous by thread: Re: new www vulnerablity
Next by thread: Denied ports 1339, 2049 and 2702
Index(es):
- Date
- Thread