Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 15404 - Wrong default umask
Wrong default umask
Product: Red Hat Linux
Classification: Retired
Component: bash (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Bernhard Rosenkraenzer
: Security
Depends On:
  Show dependency treegraph
Reported: 2000-08-04 11:47 EDT by Christian Rose
Modified: 2008-05-01 11:37 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2000-08-04 14:51:18 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Christian Rose 2000-08-04 11:47:52 EDT
The default umask in Pinstripe is 002 (rwxrwxr-x).
While this is fine for the default setting where each user belongs to his
own group, it is less suited for the scenario where each user belongs to
the same group by default. In that case, this umask is fatal security-wise.

I think that the umask 022 (rwxr-xr-x) should be used as the default, as it
is safe in both scenarios.
Comment 1 Bill Nottingham 2000-08-04 14:51:16 EDT
As discussed on testers-list, we aren't changing this.
Comment 2 Christian Rose 2000-08-04 16:12:32 EDT
My bad. Closing this.

Note You need to log in before you can comment on or make changes to this bug.