About umask for paranoids
Hello,
I am using potato, from 6 month now, and well, I like it very much, but
something is chocking me very much:
some log files, some configuration files, and some "other things I don't
expected" are world readable.
So, I know, I could change it by hand. But it seems a generic behaviour
of Debian, due to the default umask.
Do you know if it is possible to change the defauld debian umask ?
What would be then the effect over the installed packages ?
Is it possible to set this default "paranoid" umask at instalation stage
of Debian ?
But then, would a lot of things be broken ? In what measure Debian
packages rely on the default umask ??
I have been searching about this on the lists, google, etc..., and don't
find any mention. So now in fact I am asking myself is my conception about
umask security is good.
Some related questions:
By default, /root is world readable ? (I think I fixed this, but not sure)
What umask "sees" apache or apache-ssl ? (I had to change some
permissions of the logs...)
In fact, I think that what is happening is normal: with the current
default umask, you always have some "suprises"...
Thank you !! :-)
--
Saludos de Julián
EA4ACL
-.-
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: