FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Development

 
 
LinkBack Thread Tools
 
Old 05-18-2010, 12:13 PM
Michael Banck
 
Default UPG and the default umask

On Tue, May 18, 2010 at 10:49:08AM +0000, Christoph Anton Mitterer wrote:
> On Tue, 18 May 2010 10:08:17 +0000 (UTC), Philipp Kern <trash@philkern.de>
> wrote:
> > So you present that as universal facts as if you've booked the truth
> > (possibly a bad translation of a German saying).
> No,.. and normally I would simply shut up, as I'm not even DD... but this
> here breaks simply so much which I believe in and contradicts so many
> proven paradigms, that I prefer to raise up even if that means, that I
> don't make any friends here.

It's not speaking up which is the problem, it's the Sven-Luther style of
argumentation.


Michael


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100518121346.GE3068@nighthawk.chemicalconnection .dyndns.org">http://lists.debian.org/20100518121346.GE3068@nighthawk.chemicalconnection .dyndns.org
 
Old 05-18-2010, 12:15 PM
Michael Banck
 
Default UPG and the default umask

On Tue, May 18, 2010 at 11:34:47AM +0000, Christoph Anton Mitterer wrote:
> is there a list of distros that have UPGs fully deployed?

This is not Q&A list, you are allowed to do research yourself and
present it here.


Michael


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100518121505.GF3068@nighthawk.chemicalconnection .dyndns.org">http://lists.debian.org/20100518121505.GF3068@nighthawk.chemicalconnection .dyndns.org
 
Old 05-18-2010, 12:24 PM
Michael Banck
 
Default UPG and the default umask

On Tue, May 18, 2010 at 02:13:46PM +0200, Michael Banck wrote:
> On Tue, May 18, 2010 at 10:49:08AM +0000, Christoph Anton Mitterer wrote:
> > On Tue, 18 May 2010 10:08:17 +0000 (UTC), Philipp Kern <trash@philkern.de>
> > wrote:
> > > So you present that as universal facts as if you've booked the truth
> > > (possibly a bad translation of a German saying).
> > No,.. and normally I would simply shut up, as I'm not even DD... but this
> > here breaks simply so much which I believe in and contradicts so many
> > proven paradigms, that I prefer to raise up even if that means, that I
> > don't make any friends here.
>
> It's not speaking up which is the problem, it's the Sven-Luther style of
> argumentation.

What I meant is that you seem to very passionate about this topic, and
reply to a lot of messages with similar content in short succession,
while it might be better to first see what arguments others come up with
and address new ones as you see fit.


Thanks,

Michael


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100518122443.GG3068@nighthawk.chemicalconnection .dyndns.org">http://lists.debian.org/20100518122443.GG3068@nighthawk.chemicalconnection .dyndns.org
 
Old 05-18-2010, 01:12 PM
Harald Braumann
 
Default UPG and the default umask

On Tue, May 18, 2010 at 10:08:17AM +0000, Philipp Kern wrote:
> On 2010-05-18, Christoph Anton Mitterer <calestyo@scientia.net> wrote:
> > Not to speak about, that UPG is anyway a questionable abuse of the
> > user/group concept.
> >
> > Neither to speak about the fact, that in the 17 years debian exists
> > now,... no majority missed that "feature" (apparently).
>
> So you present that as universal facts as if you've booked the truth
> (possibly a bad translation of a German saying).
>
> I think that feature is useful for all those who don't want to mess
> with ACLs. If you are not allowed to use ACLs and don't have UPG
> with sane umasks collaboration is painful (see e.g. Debian infrastrure
> with all users being in group Debian and default umask 0022 which
> leads to wrong permissions in setgid directories, with ACLs being
> disallowed). So indeed I got a script which does newgrp and
> setting the umask for me which I run whenever I want to do release
> tasks. But it would be more sane if the user wouldn't have to
> care about that.

Let me quote from the comments in /etc/login.defs:

# 022 is the "historical" value in Debian for UMASK when it was used
# 027, or even 077, could be considered better for privacy
# There is no One True Answer here : each sysadmin must make up his/her
# mind.

And that's exactly the problem: there is no one-size-fits-all
for the umask. Yes, for collaboration in a setgid directory you'd have
to use 002 and thanks to UPG this is possible without compromising
security. But I consider this just a special case. There are
cases where Debian runs in a non-UPG environment, where you can't use
that umask. And I don't think that's uncommon. Think of a mixed
environment with Windows, where you might have a samba domain in LDAP. And
last time I checked, the smbldap-tools didn't support UPG.

So whatever value is used as the default, half of the users will have
to change it anyway, to fit their needs. And in such a case, where
there is no single optimal value, I'd rather have the most
conservative as default.

If the umask is 022 and you create a setgid
directory and forget to change the umask, you will quickly realise
that things are not working as expected and fix it. If the umask is
002 and you add your Debian system to a non-UPG environment and forget
to change the umask, things will still work perfectly but you put all
your files at risk and might not even realise it until it is too
late.

Cheers,
harry


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100518131240.GA4737@sbs288.lan">http://lists.debian.org/20100518131240.GA4737@sbs288.lan
 
Old 05-18-2010, 01:40 PM
Bastien ROUCARIES
 
Default UPG and the default umask

On Tue, May 18, 2010 at 3:12 PM, Harald Braumann <harry@unheit.net> wrote:
> On Tue, May 18, 2010 at 10:08:17AM +0000, Philipp Kern wrote:
>> On 2010-05-18, Christoph Anton Mitterer <calestyo@scientia.net> wrote:
>> > Not to speak about, that UPG is anyway a questionable abuse of the
>> > user/group concept.
>> >
>> > Neither to speak about the fact, that in the 17 years debian exists
>> > now,... no majority missed that "feature" (apparently).
>>
>> So you present that as universal facts as if you've booked the truth
>> (possibly a bad translation of a German saying).
>>
>> I think that feature is useful for all those who don't want to mess
>> with ACLs. *If you are not allowed to use ACLs and don't have UPG
>> with sane umasks collaboration is painful (see e.g. Debian infrastrure
>> with all users being in group Debian and default umask 0022 which
>> leads to wrong permissions in setgid directories, with ACLs being
>> disallowed). *So indeed I got a script which does newgrp and
>> setting the umask for me which I run whenever I want to do release
>> tasks. *But it would be more sane if the user wouldn't have to
>> care about that.
>
> Let me quote from the comments in /etc/login.defs:
>
> # 022 is the "historical" value in Debian for UMASK when it was used
> # 027, or even 077, could be considered better for privacy
> # There is no One True Answer here : each sysadmin must make up his/her
> # mind.
>
> And that's exactly the problem: there is no one-size-fits-all
> for the umask. Yes, for collaboration in a setgid directory you'd have
> to use 002 and thanks to UPG this is possible without compromising
> security. But I consider this just a special case. There are
> cases where Debian runs in a non-UPG environment, where you can't use
> that umask. And I don't think that's uncommon. Think of a mixed
> environment with Windows, where you might have a samba domain in LDAP. And
> last time I checked, the smbldap-tools didn't support UPG.

Could you fill a bug report against smbldap-tools ?


> So whatever value is used as the default, half of the users will have
> to change it anyway, to fit their needs. And in such a case, where
> there is no single optimal value, I'd rather have the most
> conservative as default.
>
> If the umask is 022 and you create a setgid
> directory and forget to change the umask, you will quickly realise
> that things are not working as expected and fix it. If the umask is
> 002 and you add your Debian system to a non-UPG environment and forget
> to change the umask, things will still work perfectly but you put all
> your files at risk and might not even realise it until it is too
> late.

Why not add a security dialog and assistant for installing and
upgrading the system?
It will ease the transition and fit allt the need, documenting
drawbacks and advantages of each scheme ?

And offer a sensible default choice (and skip button) for desktop user ?

Regards

Bastien

> Cheers,
> harry
>
>


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: AANLkTin92rW-Krk1jAjY6KNYqM6Z-mZt4Hd8wzchFBUV@mail.gmail.com">http://lists.debian.org/AANLkTin92rW-Krk1jAjY6KNYqM6Z-mZt4Hd8wzchFBUV@mail.gmail.com
 
Old 05-18-2010, 01:41 PM
Philipp Kern
 
Default UPG and the default umask

On 2010-05-18, Harald Braumann <harry@unheit.net> wrote:
> If the umask is 022 and you create a setgid
> directory and forget to change the umask, you will quickly realise
> that things are not working as expected and fix it. If the umask is
> 002 and you add your Debian system to a non-UPG environment and forget
> to change the umask, things will still work perfectly but you put all
> your files at risk and might not even realise it until it is too
> late.

I guess we need a Debian Administration Best Practises Guide. There are
many stupid things you can do while being root, with things still working
perfectly.

But then somebody would need to take care of the document (i.e. a
continuations of the release notes for future generations).

Kind regards,
Philipp Kern



--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: slrnhv568l.91l.trash@kelgar.0x539.de">http://lists.debian.org/slrnhv568l.91l.trash@kelgar.0x539.de
 
Old 05-18-2010, 02:16 PM
Harald Braumann
 
Default UPG and the default umask

On Tue, May 18, 2010 at 03:40:06PM +0200, Bastien ROUCARIES wrote:
> On Tue, May 18, 2010 at 3:12 PM, Harald Braumann <harry@unheit.net> wrote:
> > On Tue, May 18, 2010 at 10:08:17AM +0000, Philipp Kern wrote:
> >> On 2010-05-18, Christoph Anton Mitterer <calestyo@scientia.net> wrote:
> >> > Not to speak about, that UPG is anyway a questionable abuse of the
> >> > user/group concept.
> >> >
> >> > Neither to speak about the fact, that in the 17 years debian exists
> >> > now,... no majority missed that "feature" (apparently).
> >>
> >> So you present that as universal facts as if you've booked the truth
> >> (possibly a bad translation of a German saying).
> >>
> >> I think that feature is useful for all those who don't want to mess
> >> with ACLs. *If you are not allowed to use ACLs and don't have UPG
> >> with sane umasks collaboration is painful (see e.g. Debian infrastrure
> >> with all users being in group Debian and default umask 0022 which
> >> leads to wrong permissions in setgid directories, with ACLs being
> >> disallowed). *So indeed I got a script which does newgrp and
> >> setting the umask for me which I run whenever I want to do release
> >> tasks. *But it would be more sane if the user wouldn't have to
> >> care about that.
> >
> > Let me quote from the comments in /etc/login.defs:
> >
> > # 022 is the "historical" value in Debian for UMASK when it was used
> > # 027, or even 077, could be considered better for privacy
> > # There is no One True Answer here : each sysadmin must make up his/her
> > # mind.
> >
> > And that's exactly the problem: there is no one-size-fits-all
> > for the umask. Yes, for collaboration in a setgid directory you'd have
> > to use 002 and thanks to UPG this is possible without compromising
> > security. But I consider this just a special case. There are
> > cases where Debian runs in a non-UPG environment, where you can't use
> > that umask. And I don't think that's uncommon. Think of a mixed
> > environment with Windows, where you might have a samba domain in LDAP. And
> > last time I checked, the smbldap-tools didn't support UPG.
>
> Could you fill a bug report against smbldap-tools ?

There is already an upstream bug [0], but even if it get's
implemented, that wouldn't magically change all systems out there
running non-UPG

>
>
> > So whatever value is used as the default, half of the users will have
> > to change it anyway, to fit their needs. And in such a case, where
> > there is no single optimal value, I'd rather have the most
> > conservative as default.
> >
> > If the umask is 022 and you create a setgid
> > directory and forget to change the umask, you will quickly realise
> > that things are not working as expected and fix it. If the umask is
> > 002 and you add your Debian system to a non-UPG environment and forget
> > to change the umask, things will still work perfectly but you put all
> > your files at risk and might not even realise it until it is too
> > late.
>
> Why not add a security dialog and assistant for installing and
> upgrading the system?
> It will ease the transition and fit allt the need, documenting
> drawbacks and advantages of each scheme ?

A umask of 022 is the right choice for most people and at least
doesn't put the others at risk. Everyone, who knows what a setgid
directory is and how it works, will also know, that there are certain
requirements on the umask. And the others really don't care, as long
as their security is not compromised.

There is really no need to force everyone to make a useless decision,
just for the sake of a change to make life of a specific minority easier.

Cheers,
harry

[0] http://gna.org/support/?2040


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100518141606.GB4737@sbs288.lan">http://lists.debian.org/20100518141606.GB4737@sbs288.lan
 
Old 05-18-2010, 03:38 PM
Hendrik Sattler
 
Default UPG and the default umask

Am Dienstag 18 Mai 2010, 12:49:08 schrieb Christoph Anton Mitterer:
> > If you are not allowed to use ACLs
>
> That's no reason for UPGs to exist, is it?
> All important filesystems support ACLs, right? All kernels in Debian and
> do so, right? So technically, no problem.
> So being "not allowed" probably means organisational issues, right? But
> then talk to your admins.
>
> What's done here is to abuse a system just to workaround something else
> ("don't have/want to ACLs), right?

Do e.g. backup system deal well with ACLs? The standard tar doesn't, except
when you script around it... or if you use star.

HS


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 201005181738.07833.post@hendrik-sattler.de">http://lists.debian.org/201005181738.07833.post@hendrik-sattler.de
 
Old 05-18-2010, 05:06 PM
Andrei Popescu
 
Default UPG and the default umask

On Tue,18.May.10, 16:16:06, Harald Braumann wrote:

> A umask of 022 is the right choice for most people and at least
> doesn't put the others at risk. Everyone, who knows what a setgid
> directory is and how it works, will also know, that there are certain
> requirements on the umask. And the others really don't care, as long
> as their security is not compromised.

Except for the other group of "others", who have no idea what setgid is,
don't care too much about security and just wonder why it is so
difficult to share files with another user on the same machine.

<sarcasm>But it doesn't matter, they'll just go back to Windows anyway.
It's better suited for home users anyway.</sarcasm>

Regards,
Andrei
--
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
 
Old 05-18-2010, 05:33 PM
Christoph Anton Mitterer
 
Default UPG and the default umask

On Tue, 2010-05-18 at 17:38 +0200, Hendrik Sattler wrote:
> Do e.g. backup system deal well with ACLs?
Definitely not all,... but I guess those should be fixed anyway (totally
regardless of UPGs/umask issues)...


> The standard tar doesn't, except
> when you script around it... or if you use star.
I think you're right for GNU's upstream sources,... but if I remember
correctly, Fedora and RHEL ship patches, which enable support for ACLs,
xattrs, and SELinux.

Will file a wishlist bug against Debian's tar when I find them


Cheers,
Chris.
 

Thread Tools




All times are GMT. The time now is 01:56 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org