Bug 122843 - Bad umask logic sets default world permission of read for csh users
Summary: Bad umask logic sets default world permission of read for csh users
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: setup
Version: 9
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Bill Nottingham
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-05-09 02:58 UTC by Bill Gorder
Modified: 2014-03-17 02:45 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2004-05-21 18:33:53 UTC
Embargoed:


Attachments (Terms of Use)

Description Bill Gorder 2004-05-09 02:58:37 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1)
Gecko/20030225

Description of problem:
/etc/csh.cshrc has a logic error in the setting of umask in Red Hat 9.
 The line in error is

[ "`id -gn`" = "`id -un`" -a `id -u` -gt 99 ]

and should be 

if ( "`id -gn`" == "`id -un`" && `id -u` > 99 ) then

The bad line sets umask = 002 instead of 007.  It looks like bash that
was not fully converted to csh

Version-Release number of selected component (if applicable):
setup-2.5.25-1

How reproducible:
Always

Steps to Reproduce:
1.copy if statement to a file (fn)
2.place "echo" before the then and else clauses so the path taken is
printed
3.run csh fn     where fn is the name of the file
4. Observe the error
5. Also, just create a file by any means and examine it with (ls
-alt), observe that world read permissions are set.
    

Actual Results:  Error causes all files created by a user to have
world read permission set (umask 002)

Expected Results:  Files created by a user should have no world
permissions (umask 007)

Additional info:

To fix, replace the line
[ "`id -gn`" = "`id -un`" -a `id -u` -gt 99 ]
with
if ( "`id -gn`" == "`id -un`" && `id -u` > 99 ) then

The error can be a security issue as it exposes all user information
to any other user.

Comment 1 Bill Nottingham 2004-05-21 18:33:53 UTC
umask is never set to 007, in any *rc file (csh or bash); it's 002 for
normal users and 022 for root.


Note You need to log in before you can comment on or make changes to this bug.